CVE-2015-8113

Name of the Vulnerable Software and Affected Versions Symantec Endpoint Protection versions prior to 12.1-RU6-MP3

Description The issue is related to an untrusted search path vulnerability in the client, allowing local users to gain privileges via a Trojan horse DLL in a client install package. This vulnerability exists due to an incomplete fix for a previous issue.

Recommendations For versions prior to 12.1-RU6-MP3, update to 12.1-RU6-MP3 or later to resolve the issue. As a temporary workaround, consider restricting the installation of client packages from untrusted sources to minimize the risk of exploitation.