A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.11). During establishment of an HTTPS connection to the TLS server of a managed device, the affected application does not check the extended key usage attribute of that device's certificate. This could allow an attacker to execute an on-path network (MitM) attack.
The product does not validate, or incorrectly validates, a certificate.