Privilege Escalation Vulnerability in Symantec Endpoint Protection
CVE-2019-18372

7.8HIGH

Key Information:

Vendor: Symantec
Status: Symantec Endpoint Protection
Vendor: CVE Published:; 15 November 2019

What is CVE-2019-18372?

Symantec Endpoint Protection versions prior to 14.2 RU2 are vulnerable to a privilege escalation issue. This vulnerability allows attackers to exploit the application to gain elevated permissions, enabling access to protected system resources. Attackers could potentially leverage this security gap to execute unauthorized actions, compromising the integrity and security of critical systems managed by Symantec Endpoint Protection.

Affected Version(s)

Symantec Endpoint Protection prior to 14.2 RU2

References

https://support.symantec.com/us/en/article.SYMSA1488.html

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 15, 2019
Vulnerability Reserved
Oct 23, 2019