CVE-2017-4028

Summary

Maliciously misconfigured registry vulnerability in all Microsoft Windows products in McAfee consumer and corporate products allows an administrator to inject arbitrary code into a debugged McAfee process via manipulation of registry parameters.

Affected Software

VendorProductVersion RangeStatus
McAfeeMcAfee Anti-Virus Plus (AVP)170329 < 29 Mar 2017affected
McAfeeMcAfee Endpoint Security (ENS)10.2 < 10.2 DAT V3 DAT 2932.0affected
McAfeeMcAfee Host Intrusion Prevention (Host IPS)8.0 < 8.0 Patch 9 Hotfix 1188590affected
McAfeeMcAfee Internet Security (MIS)170329 < 29 Mar 2017affected
McAfeeMcAfee Total Protection (MTP)170329 < 29 Mar 2017affected
McAfeeMcAfee Virus Scan Enterprise (VSE)8.8 < 8.8 Patch 8/9 Hotfix 1187884affected

Weaknesses

  • Maliciously misconfigured registry vulnerability

ADP Enrichment

CVE Program Container

Additional References

References