PT-2017-13011 · Symantec · Symantec Endpoint Protection+1

Published

2017-11-06

Updated

2019-10-03

CVE-2017-13681

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Symantec Endpoint Protection versions prior to 12.1 RU6 MP9

Description The issue is a privilege escalation vulnerability, which allows a user to gain elevated access to resources normally protected at lower access levels. The capability of exploit is limited by the need to perform multiple file and directory writes to the local filesystem, making it not feasible in a standard drive-by type attack.

Recommendations For Symantec Endpoint Protection versions prior to 12.1 RU6 MP9, update to version 12.1 RU6 MP9 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2017-13681

Affected Products

Symantec Endpoint Protection

Symantec Endpoint Protection Client

PT-2017-13011 · Symantec · Symantec Endpoint Protection+1

CVE-2017-13681

Related Identifiers

Affected Products

References · 5