Symantec Endpoint Protection Manager < 12.1 RU3 (SYM13-005) (credentialed check)
High Nessus Plugin ID 66927
SynopsisThe endpoint management application installed on the remote Windows host is affected by a code execution vulnerability.
DescriptionThe version of Symantec Endpoint Protection Manager installed on the remote host is a version prior to 12.1 RU3. It is, therefore, potentially affected by a buffer overflow vulnerability in the 'secars.dll' component. By exploiting this flaw, a remote, unauthenticated attacker could execute arbitrary code on the remote host subject to the privileges of the user running the affected application.
SolutionUpgrade to Symantec Endpoint Protection 12.1 RU3 or later.