This script is Copyright (C) 2017 Tenable Network Security, Inc.
The Symantec Endpoint Protection Client installed on the remote host
is affected by a privilege escalation vulnerability.
The version of Symantec Endpoint Protection (SEP) Client installed on
the remote host is 12.1.x prior to 12.1 RU6 MP7. It is, therefore,
affected by a local privilege escalation vulnerability in the SymEvent
driver due to improper validation of user-supplied input. A local
attacker can exploit this, via a specially crafted file, to manipulate
certain system calls, resulting in a denial of service condition, or
on 64-bit machines only, the possible execution of arbitrary code with
Note that Nessus has not tested for this issue but has instead relied
only on the application's self-reported version number.
See also :
Upgrade to Symantec Endpoint Protection Client version 12.1 RU6 MP7
Risk factor :
Medium / CVSS Base Score : 6.2
CVSS Temporal Score : 4.6
Public Exploit Available : false