CVE-2016-3983 — Insufficient Verification of Data Authenticity in Advanced Threat Defense

CWE-345 — Insufficient Verification of Data Authenticity3 documents3 sources

Severity

7.5HIGHNVD

EPSS

0.2%

top 60.36%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mcafee Advanced Threat Defense

Timeline

PublishedApr 8

Latest updateMay 17

Description

McAfee Advanced Threat Defense (ATD) before 3.4.8.178 might allow remote attackers to bypass malware detection by leveraging information about the parent process.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

▶NVDmcafee/advanced_threat_defense3.4.4.142

🔴Vulnerability Details

GHSA

GHSA-rgpq-8hgg-5c2q: McAfee Advanced Threat Defense (ATD) before 3↗2022-05-17

▶

CVEList

CVE-2016-3983: McAfee Advanced Threat Defense (ATD) before 3↗2016-04-08

▶