Input Sanitization Flaw in Symantec Endpoint Protection
CVE-2016-9093

7HIGH

Key Information:

Vendor

Symantec Corporation

Status
Endpoint Protection
Vendor
CVE Published:
16 April 2018

What is CVE-2016-9093?

The vulnerability in the SymEvent Driver of Symantec Endpoint Protection allows inadequate sanitization of logged-in user input. This issue affects versions 12.1 RU6 MP6 and earlier. A non-admin user can exploit this vulnerability by saving and executing a specially crafted file, which can interact with the driver interface. On 32-bit systems, this results in system crashes, while in specific scenarios on 64-bit systems, it may enable unauthorized code execution with kernel-level privileges, leading to potential escalation of access rights for non-privileged users.

Affected Version(s)

Endpoint Protection Prior to SEP 12.1 RU6 MP7

References

http://www.securitytracker.com/id/1037961
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/96294
vdb-entryx_refsource_BID
https://www.symantec.com/security_response/securityupdate...
x_refsource_CONFIRM

CVSS V3.1

Score:
7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.