Privilege Escalation Issue in Symantec Endpoint Protection Software
CVE-2020-5820

7.8HIGH

Key Information:

Vendor: Symantec
Status: Symantec Endpoint Protection (sep) And Symantec Endpoint Protection Small Business Edition (sep Sbe)
Vendor: CVE Published:; 11 February 2020

Summary

The vulnerability found in Symantec Endpoint Protection and its Small Business Edition allows attackers to exploit the software, potentially gaining elevated privileges that would enable access to restricted resources. This could lead to unauthorized actions being performed on the system, posing significant security risks to affected environments. Users are encouraged to update their software to mitigate the risks associated with this vulnerability.

Affected Version(s)

Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively

References

https://support.symantec.com/us/en/article.SYMSA1505.html

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 11, 2020
Vulnerability Reserved
Jan 6, 2020