Headphone software made by Sennheiser has been installing a root certificate, plus the private key, onto people's computers: https://t.co/9VMNDcLslc
— Andrew Ayer (@__agwa) November 27, 2018
Like Superfish, anyone can use this key, which is the same on all installations, to forge certificates and impersonate websites.