Remote Code Execution Vulnerability in McAfee Advanced Threat Defense
CVE-2016-3983

7.5HIGH

Key Information:

Vendor: Mcafee
Status: Advanced Threat Defense
Vendor: CVE Published:; 8 April 2016

Summary

McAfee Advanced Threat Defense prior to version 3.4.8.178 contains a remote code execution vulnerability that allows attackers to bypass malware detection mechanisms. By manipulating knowledge of the parent process, an unauthorized remote attacker can exploit this weakness, potentially gaining unauthorized access to the system. This could lead to significant security risks, emphasizing the importance of updating to the latest version to mitigate potential threats.

References

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Apr 8, 2016