CVE-2016-4534
CVE-2016-4534 is a low-severity vulnerability in Mcafee Virusscan Enterprise with a CVSS 3.x base score of 3.0. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-264.
Key facts
- Severity: Low (CVSS 3.x base score 3.0)
- CVSS v2: 3.0
- EPSS exploit prediction: 2% (81st percentile)
- Actively exploited: Not listed in CISA KEV
- Weakness: CWE-264
- Affected product: Mcafee Virusscan Enterprise
- Published:
- Last modified:
Description
The McAfee VirusScan Console (mcconsol.exe) in McAfee VirusScan Enterprise 8.8.0 before Hotfix 1123565 (8.8.0.1546) on Windows allows local administrators to bypass intended self-protection rules and unlock the console window by closing registry handles.
Frequently asked questions
- What is CVE-2016-4534?
- The McAfee VirusScan Console (mcconsol.exe) in McAfee VirusScan Enterprise 8.8.0 before Hotfix 1123565 (8.8.0.1546) on Windows allows local administrators to bypass intended self-protection rules and unlock the console window by closing registry handles.
- How severe is CVE-2016-4534?
- CVE-2016-4534 has a CVSS 3.x base score of 3.0, rated low severity. It is exploitable over local access with high attack complexity, requires high privileges and no user interaction. Impact on confidentiality is none, integrity low, and availability low.
- Is CVE-2016-4534 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 2% (81st percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2016-4534?
- CVE-2016-4534 primarily affects Mcafee Virusscan Enterprise. In total, 2 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
- How do I fix CVE-2016-4534?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- When was CVE-2016-4534 published?
- CVE-2016-4534 was published on 2016-05-05 and last updated on 2026-06-17.
References
- http://packetstormsecurity.com/files/download/136089/mcafeevses-bypass.html
- http://seclists.org/fulldisclosure/2016/Mar/13
- http://www.securitytracker.com/id/1035754
- https://kc.mcafee.com/corporate/index?page=content&id=SB10158
- https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/26000/PD26485/en_US/VSE_8_8_HF1123565_release_notes.pdf
- https://lab.mediaservice.net/advisory/2016-01-mcafee.txt
- https://www.exploit-db.com/exploits/39531/
Affected products (2)
- cpe:2.3:a:mcafee:virusscan_enterprise:8.8.0:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
More vulnerabilities in Mcafee Virusscan Enterprise
- CVE-2009-5118 — Critical (CVSS 9.3): Untrusted search path vulnerability in McAfee VirusScan Enterprise before 8.7i allows local users to gain privileges…
- CVE-2020-7267 — High (CVSS 8.8): Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Linux prior to 2.0.3 Hotfix 2635000 allows…
- CVE-2020-7266 — High (CVSS 8.8): Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Windows prior to 8.8 Patch 14 Hotfix 116778…
- CVE-2016-8024 — High (CVSS 8.1): Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security VirusScan Enterprise Linux…
- CVE-2016-8023 — High (CVSS 8.1): Authentication bypass by assumed-immutable data vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3…
- CVE-2016-8020 — High (CVSS 8.0): Improper control of generation of code vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and…
All CVEs affecting Mcafee Virusscan Enterprise →
Other CWE-264 (Permissions, Privileges, and Access Controls) vulnerabilities
- CVE-2016-8363 — Critical (CVSS 10.0): An issue was discovered in Moxa OnCell OnCellG3470A-LTE, AWK-1131A/3131A/4131A Series, AWK-3191 Series, AWK-5232/6232…
- CVE-2016-7457 — Critical (CVSS 10.0): VMware vRealize Operations (aka vROps) 6.x before 6.4.0 allows remote authenticated users to gain privileges, or halt…
- CVE-2015-7425 — Critical (CVSS 10.0): The Data Protection component in the VMware vSphere GUI in IBM Tivoli Storage Manager for Virtual Environments: Data…
- CVE-2015-8267 — Critical (CVSS 10.0): The PasswordReset.Controllers.ResetController.ChangePasswordIndex method in PasswordReset.dll in Dovestones AD Self…
- CVE-2015-7919 — Critical (CVSS 10.0): SearchBlox 8.3 before 8.3.1 allows remote attackers to write to the config file, and consequently cause a denial of…
- CVE-2015-7071 — Critical (CVSS 10.0): The File Bookmark component in Apple OS X before 10.11.2 allows attackers to bypass a sandbox protection mechanism for…
Browse all CWE-264 (Permissions, Privileges, and Access Controls) vulnerabilities →