Privilege Escalation Vulnerability in Symantec Endpoint Protection Manager
CVE-2018-18368

7.8HIGH

Key Information:

Vendor: Symantec
Status: Symantec Endpoint Protection Manager (sepm)
Vendor: CVE Published:; 15 November 2019

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2018-18368?

The Symantec Endpoint Protection Manager (SEPM) software, prior to version 14.2 RU1, has been identified as being susceptible to a privilege escalation flaw. This vulnerability may allow an attacker to exploit the application, leading to unauthorized access to privileged resources that are typically restricted from application or user access. This can pose significant risks to system integrity and data security.

Affected Version(s)

Symantec Endpoint Protection Manager (SEPM) prior to 14.2 RU1

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

SEPM-EoP
Created by DimopoulosElias

References

https://support.symantec.com/us/en/article.SYMSA1488.html

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 15, 2019
🟡
Public PoC available
Jul 27, 2019
👾
Exploit known to exist
Jul 27, 2019
Vulnerability Reserved
Oct 15, 2018