CVE-2015-8986 - Vulnerability Details - OpenCVE

Sandbox detection evasion vulnerability in hardware appliances in McAfee (now Intel Security) Advanced Threat Defense (MATD) 3.4.2.32 and earlier allows attackers to detect the sandbox environment, then bypass proper malware detection resulting in failure to detect a malware file (false-negative) via specially crafted malware.

No CVSS v4.0

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.00194.

Key SSVC decision points have not yet been added.

Vendors	Products
Mcafee	Advanced Threat Defense

Configuration 1 [-]

cpe:2.3:a:mcafee:advanced_threat_defense:*:*:*:*:*:*:*:*

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2015-8840	Sandbox detection evasion vulnerability in hardware appliances in McAfee (now Intel Security) Advanced Threat Defense (MATD) 3.4.2.32 and earlier allows attackers to detect the sandbox environment, then bypass proper malware detection resulting in failure to detect a malware file (false-negative) via specially crafted malware.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://kc.mcafee.com/corporate/index?page=content&id=SB10096

History

No history.

MITRE

Status: PUBLISHED

Assigner: intel

Published: 2017-03-14T22:00:00

Updated: 2024-08-06T08:36:31.678Z

Reserved: 2017-02-27T00:00:00

Link: CVE-2015-8986

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2017-03-14T22:59:00.353

Modified: 2025-04-20T01:37:25.860

Link: CVE-2015-8986

Redhat

No data.

OpenCVE Enrichment

No data.

{"containers": {"cna": {"affected": [{"product": "Advanced Threat Defense (MATD)", "vendor": "Intel", "versions": [{"status": "affected", "version": "3.4.2.32 and earlier"}]}], "datePublic": "2015-01-09T00:00:00", "descriptions": [{"lang": "en", "value": "Sandbox detection evasion vulnerability in hardware appliances in McAfee (now Intel Security) Advanced Threat Defense (MATD) 3.4.2.32 and earlier allows attackers to detect the sandbox environment, then bypass proper malware detection resulting in failure to detect a malware file (false-negative) via specially crafted malware."}], "problemTypes": [{"descriptions": [{"description": "Sandbox detection evasion vulnerability", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-03-14T21:57:01", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10096"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@intel.com", "ID": "CVE-2015-8986", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Advanced Threat Defense (MATD)", "version": {"version_data": [{"version_value": "3.4.2.32 and earlier"}]}}]}, "vendor_name": "Intel"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Sandbox detection evasion vulnerability in hardware appliances in McAfee (now Intel Security) Advanced Threat Defense (MATD) 3.4.2.32 and earlier allows attackers to detect the sandbox environment, then bypass proper malware detection resulting in failure to detect a malware file (false-negative) via specially crafted malware."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Sandbox detection evasion vulnerability"}]}]}, "references": {"reference_data": [{"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10096", "refsource": "CONFIRM", "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10096"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T08:36:31.678Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10096"}]}]}, "cveMetadata": {"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2015-8986", "datePublished": "2017-03-14T22:00:00", "dateReserved": "2017-02-27T00:00:00", "dateUpdated": "2024-08-06T08:36:31.678Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mcafee:advanced_threat_defense:*:*:*:*:*:*:*:*", "matchCriteriaId": "94EB3C66-FF13-44B9-8604-7BA6B465CCCA", "versionEndIncluding": "3.4.2.32", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Sandbox detection evasion vulnerability in hardware appliances in McAfee (now Intel Security) Advanced Threat Defense (MATD) 3.4.2.32 and earlier allows attackers to detect the sandbox environment, then bypass proper malware detection resulting in failure to detect a malware file (false-negative) via specially crafted malware."}, {"lang": "es", "value": "Vulnerabilidad de evasi\u00f3n de detecci\u00f3n Sandbox en dispositivos hardware en McAfee (ahora Intel Security) Advanced Threat Defense (MATD) 3.4.2.32 y versiones anteriores permite a atacantes detectar el entorno de la caja de seguridad, y entonces eludir la adecuada detecci\u00f3n de malware, lo que resulta en el fallo de detecci\u00f3n de un archivo malware (falsos negativos) a trav\u00e9s de malware especialmente manipulado."}], "id": "CVE-2015-8986", "lastModified": "2025-04-20T01:37:25.860", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-03-14T22:59:00.353", "references": [{"source": "secure@intel.com", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10096"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10096"}], "sourceIdentifier": "secure@intel.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-254"}], "source": "nvd@nist.gov", "type": "Primary"}]}