Symantec · Symantec Endpoint Protection · CVE-2022-25631
**Name of the Vulnerable Software and Affected Versions**
Symantec Endpoint Protection versions prior to 14.3 RU6 (14.3.9210.6000)
**Description**
The issue is related to insufficient access control in Symantec Endpoint Protection, which may allow an attacker to elevate their privileges. This could enable an attacker to compromise the software application and gain elevated access.
**Recommendations**
For Symantec Endpoint Protection versions prior to 14.3 RU6 (14.3.9210.6000), update to version 14.3 RU6 (14.3.9210.6000) or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive areas of the system to minimize the risk of exploitation.