CVE-2016-4534

Published on: 05/05/2016 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:26:59 PM UTC

CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:L

Certain versions of VirusScan Enterprise from McAfee contain the following vulnerability:

The McAfee VirusScan Console (mcconsol.exe) in McAfee VirusScan Enterprise 8.8.0 before Hotfix 1123565 (8.8.0.1546) on Windows allows local administrators to bypass intended self-protection rules and unlock the console window by closing registry handles.

  • CVE-2016-4534 has been assigned by [email protected] to track the vulnerability - currently rated as LOW severity.

CVSS3 Score: 3 - LOW

  • Attack Vector: LOCAL
  • Attack Complexity: HIGH
  • Privileges Required: HIGH
  • User Interaction: NONE
  • Scope: UNCHANGED
  • Confidentiality Impact: NONE
  • Integrity Impact: LOW
  • Availability Impact: LOW

CVSS2 Score: 3 - LOW

  • Access Vector: LOCAL
  • Access Complexity: MEDIUM
  • Authentication: SINGLE
  • Confidentiality Impact: NONE
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL

CVE References

  • SECTRACK 1035754 (www.securitytracker.com, text/html)
    Description: McAfee VirusScan Flaw Lets Local Users Bypass VirusScan Console Authentication - SecurityTracker
  • MISC lab.mediaservice.net/advisory/2016-01-mcafee.txt (lab.mediaservice.net, text/plain)
    Tags: Exploit
  • EXPLOIT-DB 39531 (www.exploit-db.com, text/html)
    Description: McAfee VirusScan Enterprise 8.8 - Security Restrictions Bypass - Windows local Exploit
    Tags: Exploit, Proof of Concept
  • CONFIRM kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/26000/PD26485/en_US/VSE_8_8_HF1123565_release_notes.pdf (kc.mcafee.com, application/pdf)
    Tags: Vendor Advisory
  • FULLDISC 20160304 McAfee VirusScan Enterprise security restrictions bypass (seclists.org, text/html)
    Description: Full Disclosure: McAfee VirusScan Enterprise security restrictions bypass
    Tags: Exploit
  • MISC packetstormsecurity.com/files/download/136089/mcafeevses-bypass.html (packetstormsecurity.com, text/html)
    Description: McAfee VirusScan Enterprise 8.8 Security Bypass ≈ Packet Storm
    Tags: Exploit
  • CONFIRM kc.mcafee.com/corporate/index?page=content&id=SB10158 (kc.mcafee.com, text/html)
    Description: McAfee Security Bulletin: VirusScan Enterprise update fixes protections bypass vulnerability (CVE-2016-4534)
    Tags: Patch, Vendor Advisory

Known Affected Configurations (CPE V2.3)

  • Type: Application; Vendor: Mcafee; Product: Virusscan Enterprise; Version: 8.8.0; Update: All; Edition: All; Language: All
    cpe:2.3:a:mcafee:virusscan_enterprise:8.8.0:*:*:*:*:*:*:*
  • Type: Operating System; Vendor: Microsoft; Product: Windows; Version: All; Update: All; Edition: All; Language: All
    cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*