A security issue or problem is easily detected on platforms, operating systems, and even on Internet services. It is inevitable, and sooner or later it affects creators and users.
Something they did not expect was to appear in such isolated and highly isolated areas such as headphones and sound system. Sennheiser has revealed its failure and requires users to update their software.
The problem that Sennheiser has posed may question the privacy of users and even their data. It is not present in hardware, but in the handheld management software usually installed by users.
Discovery of the failure was the responsibility of security company Secorvo, who routinely found a serious problem in 2 Sennheiser software. The company tried to solve it quickly.
The core of the problem lies in the HeadSetup and HeadSetup Pro software that installs root certificates in the area of trusted private key certificates that are not unique. The mistake is even in using a private key and in an abnormal repetition.
This means that any attacker who can break that private key can access any system where this certificate is installed. Just a fake website and set up data by the user.
To make this serious issue worse, removing the affected software will still be a problem because the problem verification has not been removed and remains available for use by any attacker.
After the problem was known and resolved, Sennheiser immediately announced the update for the software to be installed immediately. Not to mention the lack of Sennheiser hardware, it affects all those who have opted for that reputable brand of headphones.