CVE-2017-4028: SB10193 - consumer and corporate products - Maliciously misconfigured registry vulnerability
First published: Tue Apr 03 2018(Updated: )
Maliciously misconfigured registry vulnerability in all Microsoft Windows products in McAfee consumer and corporate products allows an administrator to inject arbitrary code into a debugged McAfee process via manipulation of registry parameters.
Credit: psirt@mcafee.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mcafee Anti-virus Plus | ||
| Mcafee Endpoint Security | =10.2 | |
| Mcafee Host Intrusion Prevention | <=8.0 | |
| Mcafee Host Intrusion Prevention | =8.0-patch_1 | |
| Mcafee Host Intrusion Prevention | =8.0-patch_2 | |
| Mcafee Host Intrusion Prevention | =8.0-patch_3 | |
| Mcafee Host Intrusion Prevention | =8.0-patch_4 | |
| Mcafee Host Intrusion Prevention | =8.0-patch_5 | |
| Mcafee Host Intrusion Prevention | =8.0-patch_6 | |
| Mcafee Host Intrusion Prevention | =8.0-patch_7 | |
| Mcafee Host Intrusion Prevention | =8.0-patch_8 | |
| Mcafee Host Intrusion Prevention | =8.0-patch_9 | |
| Mcafee Internet Security | ||
| Mcafee Total Protection | ||
| Mcafee Virus Scan Enterprise | <=8.8 | |
| Mcafee Virus Scan Enterprise | =8.8-patch_9 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-4028?
The severity of CVE-2017-4028 is medium with a CVSS score of 4.4.
Which products are affected by CVE-2017-4028?
The affected products include McAfee Anti-virus Plus, McAfee Endpoint Security 10.2, McAfee Host Intrusion Prevention 8.0 (up to patch 9), McAfee Internet Security, McAfee Total Protection, and McAfee Virus Scan Enterprise 8.8 (up to patch 9).
How can an administrator exploit CVE-2017-4028?
An administrator can exploit CVE-2017-4028 by injecting arbitrary code into a debugged McAfee process through manipulation of registry parameters.
Are Microsoft Windows products vulnerable to CVE-2017-4028?
No, Microsoft Windows products are not vulnerable to CVE-2017-4028.
Where can I find more information about CVE-2017-4028?
You can find more information about CVE-2017-4028 at the following links: [SecurityFocus](http://www.securityfocus.com/bid/97958), [McAfee Knowledge Center](https://kc.mcafee.com/corporate/index?page=content&id=SB10193).
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/title
- agent/weakness
- agent/severity
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/mcafee
- canonical/mcafee anti-virus plus
- canonical/mcafee endpoint security
- version/mcafee endpoint security/10.2
- canonical/mcafee host intrusion prevention
- version/mcafee host intrusion prevention/8.0
- version/mcafee host intrusion prevention/8.0-patch_1
- version/mcafee host intrusion prevention/8.0-patch_2
- version/mcafee host intrusion prevention/8.0-patch_3
- version/mcafee host intrusion prevention/8.0-patch_4
- version/mcafee host intrusion prevention/8.0-patch_5
- version/mcafee host intrusion prevention/8.0-patch_6
- version/mcafee host intrusion prevention/8.0-patch_7
- version/mcafee host intrusion prevention/8.0-patch_8
- version/mcafee host intrusion prevention/8.0-patch_9
- canonical/mcafee internet security
- canonical/mcafee total protection
- canonical/mcafee virus scan enterprise
- version/mcafee virus scan enterprise/8.8
- version/mcafee virus scan enterprise/8.8-patch_9
- vendor/microsoft
- canonical/microsoft windows