CVE-2016-6590
7.8HIGH
Key Information
- Vendor
- Symantec
- Status
- It Management Suite
- Ghost Solution Suite
- Symantec Endpoint Virtualization
- Encryption Desktop
- Vendor
- CVE Published:
- 8 January 2020
Summary
A privilege escalation vulnerability exists when loading DLLs during boot up and reboot in Symantec IT Management Suite 8.0 prior to 8.0 HF4 and Suite 7.6 prior to 7.6 HF7, Symantec Ghost Solution Suite 3.1 prior to 3.1 MP4, Symantec Endpoint Virtualization 7.x prior to 7.6 HF7, and Symantec Encryption Desktop 10.x prior to 10.4.1, which could let a local malicious user execute arbitrary code.
Affected Version(s)
IT Management Suite = 8.0 prior to 8.0 HF4 and 7.6 prior to 7.6 HF7
Ghost Solution Suite = 3.1 prior to 3.1 MP4
Symantec Endpoint Virtualization = 7.x prior to 7.6 HF
Refferences
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Collectors
NVD DatabaseMitre Database