CVE-2017-15528 : Security Advisory and Response

CVE-2017-15528 pertains to a vulnerability in the Install Norton Security (INS) product before version 7.6, involving certificate spoofing. This vulnerability could allow attackers to link their public key to a target's domain name.

Understanding CVE-2017-15528

Before version 7.6, the Install Norton Security (INS) product had a potential vulnerability related to certificate spoofing, allowing attackers to link their public key to the target's domain name.

What is CVE-2017-15528?

This CVE identifies a vulnerability in the INS product before version 7.6, enabling certificate spoofing attacks where maliciously obtained certificates bind an attacker's public key to the target's domain.

The Impact of CVE-2017-15528

The vulnerability could lead to certificate spoofing attacks, compromising the security and integrity of SSL/TLS communications and potentially enabling man-in-the-middle attacks.

Technical Details of CVE-2017-15528

The technical details of this CVE include:

Vulnerability Description

Prior to version 7.6, the INS product is susceptible to a certificate spoofing vulnerability, allowing attackers to link their public key to the target's domain.

Affected Systems and Versions

Product: Install Norton Security (INS)
Vendor: Symantec
Versions affected: Before version 7.6

Exploitation Mechanism

The vulnerability could be exploited by attackers to perform certificate spoofing attacks, compromising SSL/TLS communications.

Mitigation and Prevention

To mitigate the risks associated with CVE-2017-15528, consider the following steps:

Immediate Steps to Take

Update the INS product to version 7.6 or later to patch the vulnerability.
Monitor SSL/TLS communications for any suspicious activity.

Long-Term Security Practices

Implement strong certificate management practices.
Regularly update and patch software to address security vulnerabilities.

Patching and Updates

Apply security updates and patches provided by Symantec for the INS product.