Bypass Security Vulnerability in Symantec Norton App Lock
CVE-2016-6591

7.1HIGH

Key Information:

Vendor: Symantec
Status: Norton App Lock
Vendor: CVE Published:; 8 January 2020

Summary

A security bypass vulnerability has been identified in Symantec Norton App Lock 1.0.3.186 and earlier versions. This flaw primarily affects systems with application pinning enabled, potentially allowing a local malicious user to circumvent implemented security measures and access restricted functionalities. It is crucial for users and administrators to review their configurations and apply any available updates to mitigate this risk.

Affected Version(s)

Norton App Lock 1.0.3.186 and earlier

References

http://www.securityfocus.com/bid/94343

x_refsource_MISC

https://support.symantec.com/us/en/article.symsa1386.html

x_refsource_CONFIRM

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Jan 8, 2020
Vulnerability Reserved
Aug 3, 2016