CVE-2016-4025

Name: CVE-2016-4025
Creator: NVD / NIST
Published: 2016-11-03T10:59:02.557+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 0.39%

Last modified Jun 17, 2026

CVE-2016-4025 is a vulnerability of currently unknown severity. Avast Internet Security v11.x.x, Pro Antivirus v11.x.x, Premier v11.x.x, Free Antivirus v11.x.x, Business Security v11.x.x, Endpoint Protection v8.x.x, Endpoint Protection Plus v8.x.x, Endpoint Protection Suite v8.x.x, Endpoint Protection Suite Plus v8.x.x, File Server Security v8.x.x, and Email Server Security v8.x.x allow attackers to bypass the DeepScreen feature via a DeviceIoControl call.. EPSS estimates a 0.39% chance of exploitation in the next 30 days.

Description

Avast Internet Security v11.x.x, Pro Antivirus v11.x.x, Premier v11.x.x, Free Antivirus v11.x.x, Business Security v11.x.x, Endpoint Protection v8.x.x, Endpoint Protection Plus v8.x.x, Endpoint Protection Suite v8.x.x, Endpoint Protection Suite Plus v8.x.x, File Server Security v8.x.x, and Email Server Security v8.x.x allow attackers to bypass the DeepScreen feature via a DeviceIoControl call.

Metrics

EPSS Probability

0.39%

30.9th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-254

Affected Software

Vendor	Product	Versions
Avast	Business Security	11.1.2241
Avast	Business Security	11.1.2245
Avast	Business Security	11.1.2253
Avast	Business Security	11.1.2260
Avast	Business Security	11.1.2261
Avast	Business Security	11.1.2262
Avast	Free Antivirus	11.1.2241
Avast	Free Antivirus	11.1.2245
Avast	Free Antivirus	11.1.2253
Avast	Free Antivirus	11.1.2260
Avast	Free Antivirus	11.1.2261
Avast	Free Antivirus	11.1.2262
Avast	Internet Security	11.1.2241
Avast	Internet Security	11.1.2245
Avast	Internet Security	11.1.2253
Avast	Internet Security	11.1.2260
Avast	Internet Security	11.1.2261
Avast	Internet Security	11.1.2262
Avast	Premier	11.1.2241
Avast	Premier	11.1.2245
Avast	Premier	11.1.2253
Avast	Premier	11.1.2260
Avast	Premier	11.1.2261
Avast	Premier	11.1.2262
Avast	Pro Antivirus	11.1.2241
Avast	Pro Antivirus	11.1.2245
Avast	Pro Antivirus	11.1.2253
Avast	Pro Antivirus	11.1.2260
Avast	Pro Antivirus	11.1.2261
Avast	Pro Antivirus	11.1.2262
Avast	Email Server Security	<= 8.0.1609
Avast	Email Server Security	8.0.1606
Avast	Endpoint Protection	<= 8.0.1609
Avast	Endpoint Protection	8.0.1606
Avast	Endpoint Protection Plus	8.0.1606
Avast	Endpoint Protection Plus	8.0.1609
Avast	Endpoint Protection Suite	<= 8.0.1609
Avast	Endpoint Protection Suite	8.0.1606
Avast	Endpoint Protection Suite Plus	<= 8.0.1609
Avast	Endpoint Protection Suite Plus	8.0.1606
Avast	File Server Security	<= 8.0.1609
Avast	File Server Security	8.0.1606

References

https://labs.nettitude.com/blog/escaping-avast-sandbox-using-single-ioctl-cve-2016-4025/Technical Description, Third Party Advisory
https://labs.nettitude.com/blog/escaping-avast-sandbox-using-single-ioctl-cve-2016-4025/Technical Description, Third Party Advisory

Timeline

Published: Nov 3, 2016
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2016-4025?

How severe is CVE-2016-4025?

Severity scoring for CVE-2016-4025 is pending analysis. The EPSS model estimates a 0.39% probability of exploitation in the next 30 days.

How do I fix CVE-2016-4025?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2016-4025?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST