CVE-2014-9920

medium

Trellix

CVSS v3 Base Score

5.9

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS Score

0.4%

Exploitation probability in 30 days

Top 41% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Confidentiality

None

Integrity

High

Availability

None

Published: March 14, 2017 (3348 days ago)

Last Modified: May 13, 2026

Vendor: Trellix

Source: NVD

Description

Unauthorized execution of binary vulnerability in McAfee (now Intel Security) McAfee Application Control (MAC) 6.0.0 before hotfix 9726, 6.0.1 before hotfix 9068, 6.1.0 before hotfix 692, 6.1.1 before hotfix 399, 6.1.2 before hotfix 426, and 6.1.3 before hotfix 357 and earlier allows attackers to create a malformed Windows binary that is considered non-executable and is not protected through the whitelisting protection feature via a specific set of circumstances.

CWE

CWE-284

Affected Products

mcafee application control

References

🔗 kc.mcafee.com 🔗 kc.mcafee.com

CVE-2014-9920

Vulnerability Report

Description

CWE

Affected Products

References