PT-2026-5143 · Symantec · Symantec Endpoint Protection
Gregory Draperi
·
Published
2026-01-28
·
Updated
2026-01-30
·
CVE-2025-13919
CVSS v3.1
4.4
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
Symantec Endpoint Protection versions prior to 14.3 RU10 Patch 1
Symantec Endpoint Protection versions prior to 14.3 RU9 Patch 2
Symantec Endpoint Protection versions prior to 14.3 RU8 Patch 3
Description
The software may be susceptible to a COM Hijacking issue. This type of issue allows an attacker to attempt to establish persistence and evade detection by hijacking COM references in the Windows Registry.
Recommendations
Update to Symantec Endpoint Protection 14.3 RU10 Patch 1 or later.
Update to Symantec Endpoint Protection 14.3 RU9 Patch 2 or later.
Update to Symantec Endpoint Protection 14.3 RU8 Patch 3 or later.
Fix
Uncontrolled Search Path Element
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Symantec Endpoint Protection