PT-2026-5143 · Symantec · Symantec Endpoint Protection

Gregory Draperi

Publicado

2026-01-28

Atualizado

2026-01-30

CVE-2025-13919

CVSS v3.1

4.4

Média

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

Name of the Vulnerable Software and Affected Versions Symantec Endpoint Protection versions prior to 14.3 RU10 Patch 1 Symantec Endpoint Protection versions prior to 14.3 RU9 Patch 2 Symantec Endpoint Protection versions prior to 14.3 RU8 Patch 3

Description The software may be susceptible to a COM Hijacking issue. This type of issue allows an attacker to attempt to establish persistence and evade detection by hijacking COM references in the Windows Registry.

Recommendations Update to Symantec Endpoint Protection 14.3 RU10 Patch 1 or later. Update to Symantec Endpoint Protection 14.3 RU9 Patch 2 or later. Update to Symantec Endpoint Protection 14.3 RU8 Patch 3 or later.

Correção

Uncontrolled Search Path Element

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-427

Identificadores relacionados

CVE-2025-13919

Produtos afetados

Symantec Endpoint Protection

PT-2026-5143 · Symantec · Symantec Endpoint Protection

CVE-2025-13919

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5