Vulnerability CVE-2015-8993

Vulnerability CVE-2015-8993

Published: 2017-03-14 Modified: 2017-03-15

Description:

Malicious file execution vulnerability in Intel Security CloudAV (Beta) before 0.5.0.151.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation.

CVSS2 => (AV:L/AC:M/Au:N/C:C/I:C/A:C)

CVSS Base Score	Impact Subscore	Exploitability Subscore
6.9/10	10/10	3.4/10

Exploit range	Attack complexity	Authentication
Local	Medium	No required
Confidentiality impact	Integrity impact	Availability impact
Complete	Complete	Complete

Affected software
Mcafee -> Security webadvisor
Mcafee -> Cloud av
Mcafee -> Security scan plus

References:

https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102462

Copyright 2024, cxsecurity.com