This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.
The version of Symantec Endpoint Protection Client installed on the
remote host is affected by a local privilege escalation vulnerability.
The version of Symantec Endpoint Protection Client running on the
remote host is either 11.x or 12.x prior to 12.1 RU4 MP1b. It is,
therefore, affected by a local privilege escalation vulnerability.
A flaw exists in the sysplant driver due to insufficient validation of
external input. An attacker, using specially crafted IOCTL code, could
cause a kernel pool overflow resulting in elevated privileges to
See also :
Upgrade to version 12.1 RU4 MP1b (12.1.4112.4156) or later.
Risk factor :
Medium / CVSS Base Score : 6.9
CVSS Temporal Score : 5.4
Public Exploit Available : true