5.5

CVE-2016-4025

EPSS 0.06%
Published 03.11.2016 10:59:02
Last modified 12.04.2025 10:46:40
Source cve@mitre.org
Teams watchlist Login
Open Login

Avast Internet Security v11.x.x, Pro Antivirus v11.x.x, Premier v11.x.x, Free Antivirus v11.x.x, Business Security v11.x.x, Endpoint Protection v8.x.x, Endpoint Protection Plus v8.x.x, Endpoint Protection Suite v8.x.x, Endpoint Protection Suite Plus v8.x.x, File Server Security v8.x.x, and Email Server Security v8.x.x allow attackers to bypass the DeepScreen feature via a DeviceIoControl call.

Affected products Warnungen 0 Metrics 3 CWE 0 References 4

Data is provided by the National Vulnerability Database (NVD)

Avast ≫ Business Security Version11.1.2241

Avast ≫ Business Security Version11.1.2245

Avast ≫ Business Security Version11.1.2253

Avast ≫ Business Security Version11.1.2260

Avast ≫ Business Security Version11.1.2261

Avast ≫ Business Security Version11.1.2262

Avast ≫ Free Antivirus Version11.1.2241

Avast ≫ Free Antivirus Version11.1.2245

Avast ≫ Free Antivirus Version11.1.2253

Avast ≫ Free Antivirus Version11.1.2260

Avast ≫ Free Antivirus Version11.1.2261

Avast ≫ Free Antivirus Version11.1.2262

Avast ≫ Internet Security Version11.1.2241

Avast ≫ Internet Security Version11.1.2245

Avast ≫ Internet Security Version11.1.2253

Avast ≫ Internet Security Version11.1.2260

Avast ≫ Internet Security Version11.1.2261

Avast ≫ Internet Security Version11.1.2262

Avast ≫ Premier Version11.1.2241

Avast ≫ Premier Version11.1.2245

Avast ≫ Premier Version11.1.2253

Avast ≫ Premier Version11.1.2260

Avast ≫ Premier Version11.1.2261

Avast ≫ Premier Version11.1.2262

Avast ≫ Pro Antivirus Version11.1.2241

Avast ≫ Pro Antivirus Version11.1.2245

Avast ≫ Pro Antivirus Version11.1.2253

Avast ≫ Pro Antivirus Version11.1.2260

Avast ≫ Pro Antivirus Version11.1.2261

Avast ≫ Pro Antivirus Version11.1.2262

Avast ≫ Email Server Security Version <= 8.0.1609

Avast ≫ Email Server Security Version8.0.1606

Avast ≫ Endpoint Protection Version <= 8.0.1609

Avast ≫ Endpoint Protection Version8.0.1606

Avast ≫ Endpoint Protection Plus Version8.0.1606

Avast ≫ Endpoint Protection Plus Version8.0.1609

Avast ≫ Endpoint Protection Suite Version <= 8.0.1609

Avast ≫ Endpoint Protection Suite Version8.0.1606

Avast ≫ Endpoint Protection Suite Plus Version <= 8.0.1609

Avast ≫ Endpoint Protection Suite Plus Version8.0.1606

Avast ≫ File Server Security Version <= 8.0.1609

Avast ≫ File Server Security Version8.0.1606

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.06%	0.188

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
nvd@nist.gov	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:N/I:P/A:N

https://labs.nettitude.com/blog/escaping-avast-sandbox-using-single-ioctl-cve-2016-4025/

Third Party Advisory

Technical Description

https://nvd.nist.gov/vuln/detail/CVE-2016-4025

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-4025

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-4025

EUVD