7.2
CVSSv2

CVE-2019-12758

Published: 15/11/2019 Updated: 19/11/2019
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Symantec Endpoint Protection, before 14.2 RU2, may be susceptible to an unsigned code execution vulnerability, which may allow an individual to execute code without a resident proper digital signature.

Vulnerability Trend

Affected Products

Vendor Product Versions
SymantecEndpoint Protection14.2

Recent Articles

Symantec Fixes Privilege Escalation Flaw in Endpoint Protection
BleepingComputer • Sergiu Gatlan • 14 Nov 2019

Symantec fixed a local privilege escalation security flaw affecting all Symantec Endpoint Protection software versions prior to 14.2 RU2, and allowing attackers to escalate privileges on compromised devices and execute malicious code using SYSTEM privileges.
Symantec Endpoint Protection is a suite of security solutions including intrusion prevention, firewall, data loss prevention, and anti-malware capabilities for both desktop and server computers.
This is not the first local pr...