CVE-2016-8008

high

Published 2017-03-14 · Modified 2026-05-13

CVSS v3

8.8

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CVSS v2

7.2

VIR risk

8.8

Description

Privilege escalation vulnerability in Windows 7 and Windows 10 in McAfee Security Scan Plus (SSP) 3.11.376 allows attackers to load a replacement of the version.dll file via McAfee McUICnt.exe onto a Windows system.

Predictions

Exploit likelihood

82%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: secure@intel.com — https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102593

OS impact

OS	Version	Status	Fixed in
windows		not-affected
windows	-	not-affected

Application impact

Vendor	Product	Versions	Fixed
mcafee	security_scan_plus	`{"endIncluding":"3.11.376"}`

References

https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102593
https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102593

CWEs

CWE-264

Verify integrity in audit chain (admin only). AS-IS.