DLL Preloading Vulnerability in Symantec Endpoint Protection Manager
CVE-2018-18367
7.8 HIGH
Key Information:
- Vendor
- Symantec Corporation
- Status
- Symantec Endpoint Protection Manager
- Vendor
- CVE Published:
- 25 April 2019
Summary
The Symantec Endpoint Protection Manager (SEPM) prior to and including version 12.1 RU6 MP9 and version 14.2 RU1 is prone to a DLL Preloading vulnerability. This occurs when an application attempts to load a Dynamic Link Library (DLL) file and fails to validate its origin, allowing an attacker to exploit this weakness by providing a malicious DLL. Successfully executing this attack could lead to unauthorized actions within the system, putting sensitive data at risk.
Affected Version(s)
Symantec Endpoint Protection Manager Prior to and including 12.1 RU6 MP9
Symantec Endpoint Protection Manager Prior to 14.2 RU1
CVSS V3.1
Score: 7.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged