Kernel Memory Disclosure in Symantec Norton Security and SEP Products
CVE-2018-18366
6.5MEDIUM
What is CVE-2018-18366?
A vulnerability exists in Symantec Norton Security and SEP products, where a specially crafted IRP request can lead to kernel memory disclosure. This issue allows the driver to return uninitialized memory, potentially exposing sensitive data in the system memory. Users of affected versions are advised to upgrade their software to mitigate the risk and enhance the security of their systems.
Affected Version(s)
Norton Security Prior to 22.16.3
SEP (Windows client) Prior to and including 12.1 RU6 MP9
SEP (Windows client) Prior to 14.2 RU1