CVE-2015-4523

EUVD-2015-4543
Blue Coat Malware Analysis Appliance (MAA) before 4.2.5 and Malware Analyzer G2 allow remote attackers to bypass a virtual machine protection mechanism and consequently write to arbitrary files, cause a denial of service (host reboot or reset to factory defaults), or execute arbitrary code via vectors related to saving files during analysis.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.3 CRITICAL
LOCAL
LOW
NONE
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
Affected Products (NVD)
VendorProductVersion
symantecmalware_analysis_appliance
𝑥
≤ 4.2
symantecmalware_analyzer_g2
𝑥
≤ 3.5
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://bto.bluecoat.com/security-advisory/sa97
https://bto.bluecoat.com/security-advisory/sa97