Privilege Escalation Vulnerability in Symantec Endpoint Protection Products
CVE-2020-5823

7.8HIGH

Key Information:

Vendor: Symantec
Status: Symantec Endpoint Protection (sep) And Symantec Endpoint Protection Small Business Edition (sep Sbe)
Vendor: CVE Published:; 11 February 2020

Summary

Certain versions of Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) may allow attackers to exploit a privilege escalation vulnerability. This flaw could enable unauthorized access to protected resources, compromising the application's integrity and security posture. Users are encouraged to update their software to the latest versions to mitigate potential security risks.

Affected Version(s)

Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively

References

https://support.symantec.com/us/en/article.SYMSA1505.html

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 11, 2020
Vulnerability Reserved
Jan 6, 2020