CVE-2016-4534
low
CVSS v3
3.0
CVSS v2
3.0
VIR risk
3.0
Description
The McAfee VirusScan Console (mcconsol.exe) in McAfee VirusScan Enterprise 8.8.0 before Hotfix 1123565 (8.8.0.1546) on Windows allows local administrators to bypass intended self-protection rules and unlock the console window by closing registry handles.
Predictions
Exploit likelihood
31%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: cve@mitre.org — https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/26000/PD26485/en_US/VSE_8_8_HF1123565_release_notes.pdf
Vendor advisory: cve@mitre.org — https://kc.mcafee.com/corporate/index?page=content&id=SB10158
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| mcafee | virusscan_enterprise | 8.8.0 | |
References
- http://packetstormsecurity.com/files/download/136089/mcafeevses-bypass.html
- http://seclists.org/fulldisclosure/2016/Mar/13
- http://www.securitytracker.com/id/1035754
- https://kc.mcafee.com/corporate/index?page=content&id=SB10158
- https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/26000/PD26485/en_US/VSE_8_8_HF1123565_release_notes.pdf
- https://lab.mediaservice.net/advisory/2016-01-mcafee.txt
- https://www.exploit-db.com/exploits/39531/
CWEs
CWE-264