Unauthorized Execution Vulnerability in McAfee Application Control
CVE-2014-9920

5.9MEDIUM

Key Information:

Vendor
Intel
Status
Mcafee Application Control (mac)
Vendor
CVE Published:
14 March 2017

Summary

This vulnerability in McAfee Application Control allows attackers to exploit a specific flaw in the software, enabling the execution of a malformed Windows binary that bypasses the system’s whitelisting protections. As a result, an attacker can execute arbitrary code on systems running the affected versions of the software, which can lead to severe security compromises.

Affected Version(s)

McAfee Application Control (MAC) 6.0.0 before hotfix 9726, 6.0.1 before hotfix 9068, 6.1.0 before hotfix 692, 6.1.1 before hotfix 399, 6.1.2 before hotfix 426, and 6.1.3 before hotfix 357 and earlier

References

https://kc.mcafee.com/corporate/index?page=content&id=SB1...
x_refsource_CONFIRM

CVSS V3.1

Score:
5.9
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.