CVE-2017-4028 MEDIUM

CVE-2017-4028: SB10193 - consumer and corporate products - Maliciously misconfigured registry vulnerability

Vendor Mcafee
Product McAfee Anti-Virus Plus (AVP)
Published April 3, 2018
Last update September 17, 2024

CVSS base score

5.0/10
Attack vector Local
Attack complexity High
Privileges required High
User interaction Required
Confidentiality None
Integrity High

CVSS vector

CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:N/I:H/A:N

What the vulnerability does

01Description

Maliciously misconfigured registry vulnerability in all Microsoft Windows products in McAfee consumer and corporate products allows an administrator to inject arbitrary code into a debugged McAfee process via manipulation of registry parameters.

Key dates

02Disclosure timeline

April 3, 2018 CVE published
September 17, 2024 Record updated