CVE-2015-8986Advanced Threat Defense vulnerability

CWE-2544 documents4 sources
Severity
5.5MEDIUMNVD
EPSS
0.2%
top 58.63%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Mcafee Advanced Threat DefenseIntel Advanced Threat Defense
Timeline
PublishedMar 14
Latest updateMay 17

Description

Sandbox detection evasion vulnerability in hardware appliances in McAfee (now Intel Security) Advanced Threat Defense (MATD) 3.4.2.32 and earlier allows attackers to detect the sandbox environment, then bypass proper malware detection resulting in failure to detect a malware file (false-negative) via specially crafted malware.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

CVEListV5intel/advanced_threat_defense3.4.2.32 and earlier

🔴Vulnerability Details

2
GHSA
GHSA-fx5p-69q8-6fj8: Sandbox detection evasion vulnerability in hardware appliances in McAfee (now Intel Security) Advanced Threat Defense (MATD) 32022-05-17
CVEList
CVE-2015-8986: Sandbox detection evasion vulnerability in hardware appliances in McAfee (now Intel Security) Advanced Threat Defense (MATD) 32017-03-14

💬Community

1
Bugzilla
CVE-2015-8980 php-php-gettext: Arbitrary code execution in select_string, ngettext and npgettext count parameter2016-08-16
CVE-2015-8986 — Mcafee vulnerability | cvebase