CVE-2016-3984

medium Trellix
CVSS v3 Base Score
5.1
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
EPSS Score
0.3%
Exploitation probability in 30 days
Top 48% most likely to be exploited
Attack Characteristics
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Confidentiality
None
Integrity
Low
Availability
High
Published: April 8, 2016 (3689 days ago)
Last Modified: May 6, 2026
Vendor: Trellix
Source: NVD

Description

The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) before 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Device Control (MDC) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Endpoint Security (ENS) 10.x before 10.1, Host Intrusion Prevention Service (IPS) 8.0 before 8.0.0.3624, and VirusScan Enterprise (VSE) 8.8 before P7 (8.8.0.1528) on Windows allows local administrators to bypass intended self-protection rules and disable the antivirus engine by modifying registry keys.

CWE

CWE-284

Affected Products

mcafee active responsemcafee agentmcafee data exchange layermcafee data loss prevention endpointmcafee endpoint securitymcafee host intrusion preventionmcafee virusscan enterprise

References

🔗 lab.mediaservice.net 🔗 seclists.org 🔗 www.securitytracker.com 🔗 kc.mcafee.com 🔗 www.exploit-db.com