Symantec Endpoint Protection Client < 220.127.116.11 / 12.1.2 (SYM14-001)
High Nessus Plugin ID 71993
Synopsis
The version of Symantec Endpoint Protection Client installed on the remote host is affected by multiple vulnerabilities.
Description
The version of Symantec Endpoint Protection Client running on the remote host is either 11.x prior to 18.104.22.168 or 12.x prior to 12.1.2 (RU2). It is, therefore, affected by multiple security vulnerabilities:
- The Application/Device Control in the SEP Client does not properly enforce custom policies, which could allow an attacker to circumvent policy restrictions in order to access files or directories on the remote host.
- The SEP Client is susceptible to a flaw caused by an unquoted search path, which could allow an attacker to gain elevated privileges via a crafted program in the %SYSTEMDRIVE% directory. (CVE-2013-5011)
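To audit for the unquoted search path class of flaw described above, the following added example (not part of the Nessus plugin or any Symantec code) flags service command lines whose executable path is unquoted and contains spaces, and lists the earlier file names Windows would try first under the documented CreateProcess parsing rules. The service names and paths are constructed samples, not the SEP Client's actual install paths.

```python
import re

# Constructed sample ImagePath values (not taken from any SEP installation).
SAMPLE_IMAGE_PATHS = {
    "QuotedSvc": r'"C:\Program Files\Example Vendor\agent.exe" /service',
    "UnquotedSvc": r'C:\Program Files\Example Vendor\agent.exe /service',
    "NoSpaceSvc": r'C:\Windows\System32\svchost.exe -k netsvcs',
}

# End of the executable name: ".exe" followed by whitespace or end of string.
_EXE_END = re.compile(r'\.exe(?=\s|$)', re.IGNORECASE)


def executable_part(image_path):
    """Return the unquoted executable path, or None if the path is quoted."""
    path = image_path.strip()
    if path.startswith('"'):
        return None  # quoted: the quoted string is taken as the executable
    m = _EXE_END.search(path)
    return path[:m.end()] if m else path


def ambiguous_candidates(image_path):
    """List the file names Windows tries before the intended executable.

    For an unquoted command line, the path is split at each space and each
    prefix (with .exe appended) is tried as the program name in turn.
    """
    exe = executable_part(image_path)
    if exe is None or ' ' not in exe:
        return []
    parts = exe.split(' ')
    return [' '.join(parts[:i]) + '.exe' for i in range(1, len(parts))]


def audit(image_paths):
    """Map each at-risk service name to the paths that must not exist."""
    return {name: c for name, p in image_paths.items()
            if (c := ambiguous_candidates(p))}


if __name__ == "__main__":
    for name, candidates in audit(SAMPLE_IMAGE_PATHS).items():
        print(name, "->", candidates)
```

Any flagged service should have its path quoted, and the listed locations checked for unexpected files and for write permissions granted to non-administrators.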
Solution
Upgrade to 22.214.171.124 (11.x) / 12.1.2 RU2 (12.x) or later.