Out of Bounds Vulnerability in Symantec Endpoint Protection Products
CVE-2020-5826

5.5MEDIUM

Key Information:

Vendor: Symantec
Status: Symantec Endpoint Protection (sep) And Symantec Endpoint Protection Small Business Edition (sep Sbe)
Vendor: CVE Published:; 11 February 2020

Summary

Symantec Endpoint Protection and its Small Business Edition may encounter an out of bounds vulnerability that allows the application to read memory outside its allocated bounds. This could lead to potentially exploitable situations where sensitive information could be accessed by unauthorized entities. It is crucial for users of these products to ensure they are running the latest versions to mitigate such risks.

Affected Version(s)

Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively

References

https://support.symantec.com/us/en/article.SYMSA1505.html

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 11, 2020
Vulnerability Reserved
Jan 6, 2020