4 matches found
CVE-2026-15380 Local privilege escalation in Symantec ITMS
A non-administrator interactive user can obtain full SYSTEM code execution through a DCOM/task scheduler logic chain — no network access, no memory corruption required ITMS 8.7.3...
CVE-2026-15380
CVE-2026-15380 : A non-admin interactive user can achieve full SYSTEM code execution via a DCOM/task scheduler logic chain in Symantec ITMS. No network access or memory corruption required. Connected records confirm the vulnerability and impact as stated; no explicit exploit details, mitigations,...
Symantec IT Management Suite Multiple Issues
SUMMARY Symantec has released updates to address two security issues: a cross-site scripting XSS issue and a denial of service DoS issue reported in the Symantec IT Management Suite ITMS workflow process manager console. AFFECTED PRODUCTS Symantec IT Manage Suite Workflow Process Manager Console...
Symantec ITMS Inventory Solution Application Denial Functionality Bypass
SUMMARY The Inventory Solution component of Symantecs IT Management Agent, the client portion of Symantec IT Management Suite ITMS powered by Altiris, can be configured to deny one or more applications from running on a windows managed client as part of IT management functions. A determined user...