CVE-2017-4028
SB10193 - consumer and corporate products - Maliciously misconfigured registry vulnerability
Severity Score
4.4
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Maliciously misconfigured registry vulnerability in all Microsoft Windows products in McAfee consumer and corporate products allows an administrator to inject arbitrary code into a debugged McAfee process via manipulation of registry parameters.
Vulnerabilidad de registro maliciosamente configurado en todos los productos Microsoft Windows en productos para consumidores y empresas de McAfee permite que un administrador inyecte código arbitrario en un proceso McAffee depurado mediante la manipulación de parámetros de registro.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2016-12-26 CVE Reserved
- 2018-04-03 CVE Published
- 2023-03-08 EPSS Updated
- 2024-09-17 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/97958 | Vdb Entry | |
| https://kc.mcafee.com/corporate/index?page=content&id=SB10193 | X_refsource_confirm |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Mcafee Search vendor "Mcafee" | Anti-virus Plus Search vendor "Mcafee" for product "Anti-virus Plus" | - | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
| Mcafee Search vendor "Mcafee" | Endpoint Security Search vendor "Mcafee" for product "Endpoint Security" | 10.2 Search vendor "Mcafee" for product "Endpoint Security" and version "10.2" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
| Mcafee Search vendor "Mcafee" | Host Intrusion Prevention Search vendor "Mcafee" for product "Host Intrusion Prevention" | <= 8.0 Search vendor "Mcafee" for product "Host Intrusion Prevention" and version " <= 8.0" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
| Mcafee Search vendor "Mcafee" | Host Intrusion Prevention Search vendor "Mcafee" for product "Host Intrusion Prevention" | 8.0 Search vendor "Mcafee" for product "Host Intrusion Prevention" and version "8.0" | patch_1 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
| Mcafee Search vendor "Mcafee" | Host Intrusion Prevention Search vendor "Mcafee" for product "Host Intrusion Prevention" | 8.0 Search vendor "Mcafee" for product "Host Intrusion Prevention" and version "8.0" | patch_2 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
| Mcafee Search vendor "Mcafee" | Host Intrusion Prevention Search vendor "Mcafee" for product "Host Intrusion Prevention" | 8.0 Search vendor "Mcafee" for product "Host Intrusion Prevention" and version "8.0" | patch_3 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
| Mcafee Search vendor "Mcafee" | Host Intrusion Prevention Search vendor "Mcafee" for product "Host Intrusion Prevention" | 8.0 Search vendor "Mcafee" for product "Host Intrusion Prevention" and version "8.0" | patch_4 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
| Mcafee Search vendor "Mcafee" | Host Intrusion Prevention Search vendor "Mcafee" for product "Host Intrusion Prevention" | 8.0 Search vendor "Mcafee" for product "Host Intrusion Prevention" and version "8.0" | patch_5 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
| Mcafee Search vendor "Mcafee" | Host Intrusion Prevention Search vendor "Mcafee" for product "Host Intrusion Prevention" | 8.0 Search vendor "Mcafee" for product "Host Intrusion Prevention" and version "8.0" | patch_6 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
| Mcafee Search vendor "Mcafee" | Host Intrusion Prevention Search vendor "Mcafee" for product "Host Intrusion Prevention" | 8.0 Search vendor "Mcafee" for product "Host Intrusion Prevention" and version "8.0" | patch_7 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
| Mcafee Search vendor "Mcafee" | Host Intrusion Prevention Search vendor "Mcafee" for product "Host Intrusion Prevention" | 8.0 Search vendor "Mcafee" for product "Host Intrusion Prevention" and version "8.0" | patch_8 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
| Mcafee Search vendor "Mcafee" | Host Intrusion Prevention Search vendor "Mcafee" for product "Host Intrusion Prevention" | 8.0 Search vendor "Mcafee" for product "Host Intrusion Prevention" and version "8.0" | patch_9 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
| Mcafee Search vendor "Mcafee" | Internet Security Search vendor "Mcafee" for product "Internet Security" | - | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
| Mcafee Search vendor "Mcafee" | Total Protection Search vendor "Mcafee" for product "Total Protection" | - | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
| Mcafee Search vendor "Mcafee" | Virus Scan Enterprise Search vendor "Mcafee" for product "Virus Scan Enterprise" | <= 8.8 Search vendor "Mcafee" for product "Virus Scan Enterprise" and version " <= 8.8" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
| Mcafee Search vendor "Mcafee" | Virus Scan Enterprise Search vendor "Mcafee" for product "Virus Scan Enterprise" | 8.8 Search vendor "Mcafee" for product "Virus Scan Enterprise" and version "8.8" | patch_9 |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|