CVE-2016-4025

Published Nov 3, 2016

Last updated 8 years ago

CVSS medium 5.5

Overview

Description: Avast Internet Security v11.x.x, Pro Antivirus v11.x.x, Premier v11.x.x, Free Antivirus v11.x.x, Business Security v11.x.x, Endpoint Protection v8.x.x, Endpoint Protection Plus v8.x.x, Endpoint Protection Suite v8.x.x, Endpoint Protection Suite Plus v8.x.x, File Server Security v8.x.x, and Email Server Security v8.x.x allow attackers to bypass the DeepScreen feature via a DeviceIoControl call.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 3.0

Type: Primary
Base score: 5.5
Impact score: 3.6
Exploitability score: 1.8
Vector string: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 2.1
Impact score: 2.9
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-254

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:avast:business_security:11.1.2241:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CD7F8F8F-B719-4507-9AED-FFB2C6548966"
          },
          {
            "criteria": "cpe:2.3:a:avast:business_security:11.1.2245:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74137F72-BE60-40CE-8DDA-A3A537EE7F7F"
          },
          {
            "criteria": "cpe:2.3:a:avast:business_security:11.1.2253:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "28A89E27-EE44-42ED-947C-6CAAAF47DC3E"
          },
          {
            "criteria": "cpe:2.3:a:avast:business_security:11.1.2260:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3E684724-98FC-4383-A8E0-7ADA9DFB63C4"
          },
          {
            "criteria": "cpe:2.3:a:avast:business_security:11.1.2261:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "42B26560-F8DB-4DDA-B3CF-30AFE90C22C6"
          },
          {
            "criteria": "cpe:2.3:a:avast:business_security:11.1.2262:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AAB67D3F-9824-4176-B59B-E2BD28EC4C3F"
          },
          {
            "criteria": "cpe:2.3:a:avast:free_antivirus:11.1.2241:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "62607F64-4AA3-4286-8ACC-AF1AC98C9C31"
          },
          {
            "criteria": "cpe:2.3:a:avast:free_antivirus:11.1.2245:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0FDB3978-FF4A-49F6-84D2-323B8D92F3C5"
          },
          {
            "criteria": "cpe:2.3:a:avast:free_antivirus:11.1.2253:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3B3B5423-632F-4B1E-894E-746976D0BE4B"
          },
          {
            "criteria": "cpe:2.3:a:avast:free_antivirus:11.1.2260:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C682E3D5-9051-490A-B091-7A7580970B86"
          },
          {
            "criteria": "cpe:2.3:a:avast:free_antivirus:11.1.2261:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7B408F0F-31F0-4D14-BC9D-B97568F86A09"
          },
          {
            "criteria": "cpe:2.3:a:avast:free_antivirus:11.1.2262:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CD2591E4-E203-4C17-B1F1-C1F61C5B3E3B"
          },
          {
            "criteria": "cpe:2.3:a:avast:internet_security:11.1.2241:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "941EADBE-7A31-4281-8D8E-9CF39D919865"
          },
          {
            "criteria": "cpe:2.3:a:avast:internet_security:11.1.2245:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D0FFCEEA-55DC-4640-BA0F-8B1D44FD5017"
          },
          {
            "criteria": "cpe:2.3:a:avast:internet_security:11.1.2253:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3EF50776-252D-44D4-B87B-4CEDBF533A61"
          },
          {
            "criteria": "cpe:2.3:a:avast:internet_security:11.1.2260:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6BB93D9E-98A1-4F3A-8796-9C2A4791B019"
          },
          {
            "criteria": "cpe:2.3:a:avast:internet_security:11.1.2261:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "962B6E6C-1808-450D-921F-6B89FABBE71F"
          },
          {
            "criteria": "cpe:2.3:a:avast:internet_security:11.1.2262:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EAE5C6E1-4F99-4B33-BBE3-D8E5B536AF51"
          },
          {
            "criteria": "cpe:2.3:a:avast:premier:11.1.2241:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51C30573-F046-4FA7-87CB-355C848249A5"
          },
          {
            "criteria": "cpe:2.3:a:avast:premier:11.1.2245:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "45045184-5F6D-4878-B6A4-D3049FB73FB4"
          },
          {
            "criteria": "cpe:2.3:a:avast:premier:11.1.2253:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DA713EB7-F992-43AD-B59C-B237CB584BC8"
          },
          {
            "criteria": "cpe:2.3:a:avast:premier:11.1.2260:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7D1EB05A-EC69-4DAB-8514-DC0CEC62D594"
          },
          {
            "criteria": "cpe:2.3:a:avast:premier:11.1.2261:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FC05DA03-8761-4514-AD24-840E247B71B5"
          },
          {
            "criteria": "cpe:2.3:a:avast:premier:11.1.2262:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D1B25F32-1927-48D2-9211-97CD6C0CF648"
          },
          {
            "criteria": "cpe:2.3:a:avast:pro_antivirus:11.1.2241:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CA634DA9-F172-44A0-97B8-0813116FE7F0"
          },
          {
            "criteria": "cpe:2.3:a:avast:pro_antivirus:11.1.2245:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "17DCA49C-BFBD-43BC-925A-3100AA4FC6FE"
          },
          {
            "criteria": "cpe:2.3:a:avast:pro_antivirus:11.1.2253:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30B89F5F-E2D6-40E3-8AAB-E8A3AECFC0FA"
          },
          {
            "criteria": "cpe:2.3:a:avast:pro_antivirus:11.1.2260:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A7FCC052-752E-4209-BD20-8B7FDEE8EB93"
          },
          {
            "criteria": "cpe:2.3:a:avast:pro_antivirus:11.1.2261:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F400F9A3-27A3-439B-BC71-BF3E309CB3B7"
          },
          {
            "criteria": "cpe:2.3:a:avast:pro_antivirus:11.1.2262:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0519F925-5B4E-48BD-9D0D-BDA59773F107"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:avast:email_server_security:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A6E4BEE8-8F3E-48BA-ABB5-BD973988A65B",
            "versionEndIncluding": "8.0.1609"
          },
          {
            "criteria": "cpe:2.3:a:avast:email_server_security:8.0.1606:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BCE04B0A-4555-4745-A1DA-BC1C0697A9F8"
          },
          {
            "criteria": "cpe:2.3:a:avast:endpoint_protection:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0C0A3804-C553-4C1F-8829-9BE203C846E6",
            "versionEndIncluding": "8.0.1609"
          },
          {
            "criteria": "cpe:2.3:a:avast:endpoint_protection:8.0.1606:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3286C3D1-22CA-4AE6-B928-4E3641DE9444"
          },
          {
            "criteria": "cpe:2.3:a:avast:endpoint_protection_plus:8.0.1606:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7A4FE625-9737-481F-B4D6-F5CD2E59BD5E"
          },
          {
            "criteria": "cpe:2.3:a:avast:endpoint_protection_plus:8.0.1609:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C821158E-F617-450E-932E-9443CF4214B5"
          },
          {
            "criteria": "cpe:2.3:a:avast:endpoint_protection_suite:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA6FA8F9-E4B7-4BD6-8E06-A149621258A1",
            "versionEndIncluding": "8.0.1609"
          },
          {
            "criteria": "cpe:2.3:a:avast:endpoint_protection_suite:8.0.1606:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1EB1F2FD-F5EA-47C3-AD62-8E75910B1262"
          },
          {
            "criteria": "cpe:2.3:a:avast:endpoint_protection_suite_plus:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D56E3AA-DCA8-4ED8-8FA4-AF22EFD53E25",
            "versionEndIncluding": "8.0.1609"
          },
          {
            "criteria": "cpe:2.3:a:avast:endpoint_protection_suite_plus:8.0.1606:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "48365E94-3477-4662-951F-2E8A0B878BED"
          },
          {
            "criteria": "cpe:2.3:a:avast:file_server_security:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C4DC12C0-E975-4081-9727-C0A2C7697228",
            "versionEndIncluding": "8.0.1609"
          },
          {
            "criteria": "cpe:2.3:a:avast:file_server_security:8.0.1606:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A134B646-A38A-4B78-AEAE-EB635BFC3501"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References