Vulnerability in McAfee LiveSafe Allows Unauthorized Modification of Windows Registry

Vulnerability in McAfee LiveSafe Allows Unauthorized Modification of Windows Registry

CVE-2017-3898 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

A man-in-the-middle attack vulnerability in the non-certificate-based authentication mechanism in McAfee LiveSafe (MLS) versions prior to 16.0.3 allows network attackers to modify the Windows registry value associated with the McAfee update via the HTTP backend-response.

Learn more about our Network Penetration Testing.