Published: 15/11/2019 Updated: 24/08/2020
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 6.7 | Impact Score: 5.9 | Exploitability Score: 0.8
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Symantec Endpoint Protection, before 14.2 RU2, may be susceptible to an unsigned code execution vulnerability, which may allow an individual to execute code without a resident proper digital signature.

Vulnerability Trend

Recent Articles

Symantec Fixes Privilege Escalation Flaw in Endpoint Protection
BleepingComputer • Sergiu Gatlan • 14 Nov 2019

Symantec fixed a local privilege escalation security flaw affecting all Symantec Endpoint Protection software versions prior to 14.2 RU2, and allowing attackers to escalate privileges on compromised devices and execute malicious code using SYSTEM privileges.
Symantec Endpoint Protection is a suite of security solutions including intrusion prevention, firewall, data loss prevention, and anti-malware capabilities for both desktop and server computers.
This is not the first local pr...