CERT mailing list archives
Local Privilege Escalation Vulnerability in Symantec Endpoint Protection
From: "US-CERT" <US-CERT () ncas us-cert gov>
Date: Mon, 04 Aug 2014 18:29:19 -0500
NCCIC / US-CERT National Cyber Awareness System: Local Privilege Escalation Vulnerability in Symantec Endpoint Protection [ https://www.us-cert.gov/ncas/current-activity/2014/08/04/Local-Privilege-Escalation-Vulnerability-Symantec-Endpoint ] 08/04/2014 05:34 PM EDT Original release date: August 04, 2014 US-CERT is aware of a local privilege escalation vulnerability in Symantec Endpoint Protection. This vulnerability affects all versions of Symantec Endpoint Protection Client 11.x and 12.x running Application and Device Control. Exploitation of this vulnerability may allow an attacker to gain full privileges on an affected system. US-CERT recommends that users and administrators review the associated Symantec Knowledge Base Article TECH223338 [ http://www.symantec.com/docs/TECH223338 ] and CERT Vulnerability Note VU#252068 [ http://www.kb.cert.org/vuls/id/252068 ] and apply the necessary updates. ________________________________________________________________________ This product is provided subject to this Notification [ http://www.us-cert.gov/privacy/notification ] and this Privacy & Use [ http://www.us-cert.gov/privacy/ ] policy. ________________________________________________________________________ OTHER RESOURCES: Contact Us [ http://www.us-cert.gov/contact-us/ ] | Security Publications [ http://www.us-cert.gov/security-publications ] | Alerts and Tips [ http://www.us-cert.gov/ncas ] | Related Resources [ http://www.us-cert.gov/related-resources ] STAY CONNECTED: Sign up for email updates [ http://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/new ]
Current thread:
- Local Privilege Escalation Vulnerability in Symantec Endpoint Protection US-CERT (Aug 04)