Vulnerability Details : CVE-2016-8732
Potential exploit
Multiple security flaws exists in InvProtectDrv.sys which is a part of Invincea Dell Protected Workspace 5.1.1-22303. Weak restrictions on the driver communication channel and additional insufficient checks allow any application to turn off some of the protection mechanisms provided by the Invincea product.
Products affected by CVE-2016-8732
- cpe:2.3:a:sophos:invincea_dell_protected_workspace:5.1.1-22303:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-8732
0.06%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 18 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-8732
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
4.6
|
MEDIUM | AV:L/AC:L/Au:N/C:P/I:P/A:P |
3.9
|
6.4
|
NIST | |
|
7.8
|
HIGH | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
Talos | |
|
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2016-8732
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-8732
-
https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0246
TALOS-2016-0246 || Cisco Talos Intelligence Group - Comprehensive Threat IntelligenceExploit;Technical Description;Third Party Advisory
-
http://www.securityfocus.com/bid/99360
Multiple Dell Products are Multiple Security VulnerabilitiesBroken Link;Third Party Advisory;VDB Entry
Jump to