Sennheiser HeadSetup software was also installing an encrypted version of the certificate’s private key that was not as secure as the developers may have thought. This would allow an attacker who had the right private key to continue to perform attacks even when the software was no longer installed on the computer. An attacker could then be used by an attacker to perform a man-in-the-middle attack to read and alter the secure traffic to these sites. As this certificate was created using the same private key found on any computer that installed the same version of HeadSetup, those other computers would also be vulnerable to this certificate.
Source: https://www.bleepingcomputer.com/news/security/sennheiser-headset-software-could-allow-man-in-the-middle-ssl-attacks/