Privilege Escalation Vulnerability in Symantec Endpoint Protection and Small Business Edition
CVE-2019-12757

7.8HIGH

Key Information:

Vendor: Symantec
Status: Symantec Endpoint Protection (sep), Symantec Endpoint Protection Small Business Edition (sep Sbe)
Vendor: CVE Published:; 15 November 2019

Summary

Symantec Endpoint Protection (SEP) and its Small Business Edition are affected by a privilege escalation vulnerability. This issue allows attackers to potentially gain elevated access to restricted resources, posing a significant risk to system integrity. Attackers exploiting this vulnerability could compromise the application, leading to unauthorized access and manipulation of sensitive data. It is crucial for users of affected SEP versions to apply the latest security patches and updates to safeguard their systems from exploitation.

Affected Version(s)

Symantec Endpoint Protection (SEP), Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to 14.2 RU2 & 12.1 RU6 MP10, prior to 12.1 RU6 MP10d (12.1.7510.7002)

References

https://support.symantec.com/us/en/article.SYMSA1488.html

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 15, 2019
Vulnerability Reserved
Jun 6, 2019