CVE-2018-12238
Key Information:
- Vendor
- Symantec Corporation
- Status
- Norton; Symantec Endpoint Protection (sep); Symantec Endpoint Protection Small Business Edition (sep Sbe); Symantec Endpoint Protection Cloud (sep Cloud)
- Vendor
- CVE Published:
- 29 November 2018
Summary
Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 & 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 & SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) prior to 22.15.1 may be susceptible to an AV bypass issue, which is a type of exploit that works to circumvent one of the virus detection engines to avoid a specific type of virus protection. One of the antivirus engines depends on a signature pattern from a database to identify malicious files and viruses; the antivirus bypass exploit looks to alter the file being scanned so it is not detected.
Affected Version(s)
Norton; Symantec Endpoint Protection (SEP); Symantec Endpoint Protection Small Business Edition (SEP SBE); Symantec Endpoint Protection Cloud (SEP Cloud) Prior to 22.15 [Norton]
Norton; Symantec Endpoint Protection (SEP); Symantec Endpoint Protection Small Business Edition (SEP SBE); Symantec Endpoint Protection Cloud (SEP Cloud) Prior to 12.1.7454.7000 & 14.2 [Symantec Endpoint Protection (SEP)]
Norton; Symantec Endpoint Protection (SEP); Symantec Endpoint Protection Small Business Edition (SEP SBE); Symantec Endpoint Protection Cloud (SEP Cloud) Prior to NIS-22.15.1.8 & SEP-12.1.7454.7000 [Symantec Endpoint Protection Small Business Edition (SEP SBE)]
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved