← voltar
CVE-2016-3984

CVE-2016-3984

EPSS 1.1%
The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) before 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Device Control (MDC) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Endpoint Security (ENS) 10.x before 10.1, Host Intrusion Prevention Service (IPS) 8.0 before 8.0.0.3624, and VirusScan Enterprise (VSE) 8.8 before P7 (8.8.0.1528) on Windows allows local administrators to bypass intended self-protection rules and disable the antivirus engine by modifying registry keys.
Produtos afetados
n/a · n/a
PoCs públicas encontradas2
cve_referencewww.exploit-db.com/exploits/39531/não verificadoexploitdbwww.exploit-db.com/exploits/39531não verificado
⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://lab.mediaservice.net/advisory/2016-01-mcafee.txthttp://seclists.org/fulldisclosure/2016/Mar/13https://kc.mcafee.com/corporate/index?page=content&id=SB10151https://www.exploit-db.com/exploits/39531/http://www.securitytracker.com/id/1035130