Local Privilege Escalation Vulnerability in Symantec PGP and Encryption Desktop
CVE-2013-1610

Currently unrated

Key Information:

Vendor: Symantec
Status: Pgp Desktop; Encryption Desktop
Vendor: CVE Published:; 5 August 2013

Summary

A local privilege escalation vulnerability exists in the RDDService of Symantec PGP Desktop and Encryption Desktop. This issue is caused by an unquoted search path, allowing local users to execute a Trojan horse application placed in the %SYSTEMDRIVE% directory, potentially granting unauthorized access and control over the system. Users employing affected versions of these Symantec products are advised to take immediate action to mitigate the risks associated with this vulnerability.

References

http://www.securityfocus.com/bid/61489

vdb-entryx_refsource_BID

http://www.symantec.com/security_response/securityupdates...

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Aug 5, 2013