Lucene search
+L

CVE-2019-9702

🗓️ 01 Jul 2019 20:28:16Reported by symantecType 
cve
 cve
🔗 web.nvd.nist.gov👁 99 Views🌐 WEB

Symantec Endpoint Encryption, prior to SEE 11.3.0, susceptible to privilege escalation

Related
Detection
Affected
Refs
Paths
ReporterTitlePublishedViews
Family
cvelist
CVE-2019-9702
1 Jul 201920:28
cvelist
githubexploit
Exploit for CVE-2019-9702
14 Jul 202612:30
githubexploit
euvd
EUVD-2019-19068
7 Oct 202500:30
euvd
nvd
CVE-2019-9702
1 Jul 201921:15
nvd
osv
CVE-2019-9702
1 Jul 201921:15
osv
prion
Privilege escalation
1 Jul 201921:15
prion
redhatcve
CVE-2019-9702
22 May 202505:14
redhatcve
symantec
Symantec Endpoint Encryption Privilege Escalation
17 Jun 201915:43
symantec
nessus
Symantec Encryption Desktop Multiple Vulnerabilities (SYMSA1485)
11 Jul 201900:00
nessus
nessus
Symantec Endpoint Encryption < 11.3.0 Multiple Vulnerabilities (SYMSA1485)
11 Jul 201900:00
nessus
Rows per page
NVD
[
  {
    "product": "Endpoint Encryption",
    "vendor": "Symantec",
    "versions": [
      {
        "status": "affected",
        "version": "Prior to SEE 11.3.0"
      }
    ]
  }
]
ParameterPositionPathDescriptionCWE
RAW read/write IOCTL interfacepath\\.\PGPwdefExposes the device interface used to perform raw read/write operations on the disk backing the PGP disk object, enabling privilege escalation via overwriting system binaries after reboot.CWE-269
NTFS backing disk sector manipulationpath\\.\PGPwdefExposes the device interface used to perform raw read/write operations on the disk backing the PGP disk object, enabling privilege escalation via overwriting system binaries after reboot.CWE-269
mapping C:\Windows\System32\spoolsv.exe to NTFS extentpath\\.\PGPwdefExposes the device interface used to perform raw read/write operations on the disk backing the PGP disk object, enabling privilege escalation via overwriting system binaries after reboot.CWE-269
target file overwritten by payload after rebootpathC:\Windows\System32\spoolsv.exeTarget file whose sectors are overwritten via the raw IOCTL path to deliver a LocalSystem payload.CWE-269

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

17 Jun 2026 02:44Current
7.9High risk
Vulners AI Score7.9
CVSS 24.6
CVSS 37.8
EPSS0.00212
99