CVE-2015-8986

MEDIUM

McAfee Advanced Threat Defense < 3.4.2.32 - Sandbox Detection Evasion via Crafted Malware

Title source: llm
STIX 2.1

Description

Sandbox detection evasion vulnerability in hardware appliances in McAfee (now Intel Security) Advanced Threat Defense (MATD) 3.4.2.32 and earlier allows attackers to detect the sandbox environment, then bypass proper malware detection resulting in failure to detect a malware file (false-negative) via specially crafted malware.

References (1)

Core 1
Core References
Mitigation, Vendor Advisory x_refsource_confirm
https://kc.mcafee.com/corporate/index?page=content&id=SB10096

Scores

CVSS v3 5.5
EPSS 0.0019
EPSS Percentile 41.0%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Details

CWE
CWE-254
Status published
Products (2)
Intel/Advanced Threat Defense (MATD) 3.4.2.32 and earlier
mcafee/advanced_threat_defense < 3.4.2.32
Published Mar 14, 2017
Tracked Since Feb 18, 2026