CVE-2019-3663

CRITICAL

McAfee Advanced Threat Defense < 4.8 - Unprotected Storage of Credentials

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-3663. PoCs published by funoverip.

AI-analyzed exploit summary This PoC demonstrates an authentication bypass via a hardcoded root password in McAfee ATD. The exploit leverages the 'lb' user's custom shell to execute arbitrary commands, achieving root access.

Description

Unprotected Storage of Credentials vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows local attacker to gain access to the root password via accessing sensitive files on the system. This was originally published with a CVSS rating of High, further investigation has resulted in this being updated to Critical. The root password is common across all instances of ATD prior to 4.8. See the Security bulletin for further details

Exploits (1)

nomisec WORKING POC 1 stars

by funoverip · poc

https://github.com/funoverip/mcafee_atd_CVE-2019-3663

View Code ZIP pw:eip

This PoC demonstrates an authentication bypass via a hardcoded root password in McAfee ATD. The exploit leverages the 'lb' user's custom shell to execute arbitrary commands, achieving root access.

Classification

Working Poc 100%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: McAfee Advanced Threat Defense ATD 4.6.x and earlier

No auth needed

Prerequisites: Network access to the target system · SSH access to port 2222

MITRE ATT&CK

T1078 - Valid Accounts T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Vendor Advisory x_refsource_confirm

https://kc.mcafee.com/corporate/index?page=content&id=SB10304

Scores

CVSS v3 9.8

EPSS 0.0044

EPSS Percentile 63.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-522

Status published

Products (1)

mcafee/advanced_threat_defense < 4.8

Published Nov 14, 2019

Tracked Since Feb 18, 2026