CVE-2020-5825

5.5MEDIUM

Key Information

Vendor: Symantec
Status: Symantec Endpoint Protection (sep) And Symantec Endpoint Protection Small Business Edition (sep Sbe)
Vendor: CVE Published:; 11 February 2020

Summary

Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an arbitrary file write vulnerability, which is a type of issue whereby an attacker is able to overwrite existing files on the resident system without proper privileges.

Affected Version(s)

Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) = Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively

Refferences

https://support.symantec.com/us/en/article.SYMSA1505.html

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 11, 2020
Vulnerability Reserved
Jan 6, 2020

Collectors

NVD DatabaseMitre Database