PT-2020-18734 · Symantec · Symantec Endpoint Protection

Published: 2020-02-11 · Updated: 2021-07-21 · CVE-2020-5825

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions

Symantec Endpoint Protection versions prior to 14.2 RU2 MP1
Symantec Endpoint Protection Small Business Edition versions prior to 14.2.5569.2100

Description

The issue allows an attacker to overwrite existing files on the system without proper privileges, which is a type of arbitrary file write vulnerability. This can be exploited to move or rename files arbitrarily. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited.

Recommendations

For Symantec Endpoint Protection versions prior to 14.2 RU2 MP1, update to version 14.2 RU2 MP1 or later. For Symantec Endpoint Protection Small Business Edition versions prior to 14.2.5569.2100, update to version 14.2.5569.2100 or later. As a temporary workaround, consider restricting access to the AvHostPlugin to minimize the risk of exploitation.

Fix

Related Identifiers

CVE-2020-5825
ZDI-20-226
ZDI-20-227
ZDI-20-228

Affected Products

AvHostPlugin
Symantec Endpoint Protection
Symantec Endpoint Protection Client
Symantec Endpoint Protection Small Business Edition