CVE-2018-12239

Name of the Vulnerable Software and Affected Versions Norton versions prior to 22.15 Symantec Endpoint Protection (SEP) versions prior to 12.1.7454.7000 and 14.2 Symantec Endpoint Protection Small Business Edition (SEP SBE) versions prior to NIS-22.15.1.8 and SEP-12.1.7454.7000 Symantec Endpoint Protection Cloud (SEP Cloud) version prior to 22.15.1

Description The issue is related to an AV bypass, which is a type of exploit that circumvents one of the virus detection engines to avoid a specific type of virus protection. The antivirus engine relies on a signature pattern from a database to identify malicious files and viruses. The exploit alters the file being scanned so it is not detected.

Recommendations For Norton versions prior to 22.15, update to version 22.15 or later. For Symantec Endpoint Protection (SEP) versions prior to 12.1.7454.7000 and 14.2, update to version 12.1.7454.7000 or later for the 12.1 branch, and ensure version 14.2 or later for the 14.2 branch. For Symantec Endpoint Protection Small Business Edition (SEP SBE) versions prior to NIS-22.15.1.8 and SEP-12.1.7454.7000, update to NIS-22.15.1.8 or later and SEP-12.1.7454.7000 or later. For Symantec Endpoint Protection Cloud (SEP Cloud) version prior to 22.15.1, update to version 22.15.1 or later.