Tamper-Protection Bypass in Symantec Endpoint Protection
CVE-2017-6331

7.1HIGH

Key Information:

Vendor

Symantec Corporation

Status
Symantec Endpoint Protection
Vendor
CVE Published:
6 November 2017

What is CVE-2017-6331?

Symantec Endpoint Protection, prior to SEP 14 RU1, is vulnerable to a Tamper-Protection Bypass. This vulnerability can be exploited to circumvent the real-time protection mechanisms designed to safeguard both servers and client applications. If successfully attacked, it could leave systems exposed to further malware or unauthorized access, thereby compromising sensitive data and organizational security.

Affected Version(s)

Symantec Endpoint Protection Prior to SEP 14 RU1

References

https://www.exploit-db.com/exploits/43134/
exploitx_refsource_EXPLOIT-DB
http://www.securityfocus.com/bid/101502
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1039775
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
7.1
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.