Input Sanitization Flaw in Symantec Endpoint Protection
CVE-2016-9093
7HIGH
What is CVE-2016-9093?
The vulnerability in the SymEvent Driver of Symantec Endpoint Protection allows inadequate sanitization of logged-in user input. This issue affects versions 12.1 RU6 MP6 and earlier. A non-admin user can exploit this vulnerability by saving and executing a specially crafted file, which can interact with the driver interface. On 32-bit systems, this results in system crashes, while in specific scenarios on 64-bit systems, it may enable unauthorized code execution with kernel-level privileges, leading to potential escalation of access rights for non-privileged users.
Affected Version(s)
Endpoint Protection Prior to SEP 12.1 RU6 MP7