CVE-2016-8021

MEDIUM

Intel Security VirusScan Enterprise Linux <2.0.3 - RCE

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-8021. PoCs published by Andrew Fasano.

AI-analyzed exploit summary This exploit chains multiple vulnerabilities (CVE-2016-8016 to CVE-2016-8025) in McAfee ePolicy Orchestrator to achieve remote code execution as root. It cracks authentication cookies, manipulates update servers, and executes arbitrary payloads via SQL injection and file write vulnerabilities.

Description

Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and execute arbitrary code via a crafted input file.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Andrew Fasano · pythonremotelinux

https://www.exploit-db.com/exploits/40911

View Code ZIP pw:eip

This exploit chains multiple vulnerabilities (CVE-2016-8016 to CVE-2016-8025) in McAfee ePolicy Orchestrator to achieve remote code execution as root. It cracks authentication cookies, manipulates update servers, and executes arbitrary payloads via SQL injection and file write vulnerabilities.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Complex

Reliability

Reliable

Target: McAfee ePolicy Orchestrator (versions affected by CVE-2016-8016 to CVE-2016-8025)

No auth needed

Prerequisites: Network access to the target · Ability to host a malicious update server · Payload script (payload.sh)

MITRE ATT&CK

T1189 - Drive-by Compromise T1059 - Command and Scripting Interpreter T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/94823

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1037433

Vendor Advisory x_refsource_confirm

https://kc.mcafee.com/corporate/index?page=content&id=SB10181

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/40911/

Scores

CVSS v3 5.0

EPSS 0.0326

EPSS Percentile 86.8%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

Details

CWE

CWE-347

Status published

Products (2)

Intel/VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier)

mcafee/virusscan_enterprise < 2.0.3

Published Mar 14, 2017

Tracked Since Feb 18, 2026