CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:P/A:N
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
AI Score
Confidence
High
EPSS
Percentile
9.5%
Race condition in the client in Symantec Endpoint Protection (SEP) 12.1 before RU6 MP5 allows local users to bypass intended restrictions on USB file transfer by conducting filesystem operations before the SEP device manager recognizes a new USB device.
Vendor | Product | Version | CPE |
---|---|---|---|
symantec | endpoint_protection_manager | * | cpe:2.3:a:symantec:endpoint_protection_manager:*:mp4:*:*:*:*:*:* |
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:P/A:N
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
AI Score
Confidence
High
EPSS
Percentile
9.5%