Severity: high (7.5)

First published: Wed Sep 13 2023

Last modified: Fri Sep 15 2023

CWE: 295

An improper certification validation vulnerability in the Insider Threat Management (ITM) Agent for MacOS could be used by an anonymous actor on an adjacent network to establish a man-in-the-middle position between the agent and the ITM server after the agent has registered. All versions prior to are affected. Agents for Windows, Linux, and Cloud are unaffected.

Any of

  • Proofpoint Insider Threat Management
SecAlerts Pty Ltd.
Fortitude Valley,
QLD 4006, Australia
© Copyright 2023 - ABN: 70 645 966 203, ACN: 645 966 203