DLL Preloading Vulnerability in Symantec Endpoint Protection Manager
CVE-2018-18367
7.8HIGH
What is CVE-2018-18367?
The Symantec Endpoint Protection Manager (SEPM) prior to and including version 12.1 RU6 MP9 and version 14.2 RU1 is prone to a DLL Preloading vulnerability. This occurs when an application attempts to load a Dynamic Link Library (DLL) file and fails to validate its origin, allowing an attacker to exploit this weakness by providing a malicious DLL. Successfully executing this attack could lead to unauthorized actions within the system, putting sensitive data at risk.
Affected Version(s)
Symantec Endpoint Protection Manager Prior to and including 12.1 RU6 MP9
Symantec Endpoint Protection Manager Prior to 14.2 RU1