Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
symantecSymantec Security ResponseSMNTC-1478
HistoryMar 27, 2019 - 2:46 p.m.

Symantec Endpoint Encryption Privilege Escalation

2019-03-2714:46:11
Symantec Security Response
3

0.0004 Low

EPSS

Percentile

14.2%

JSON

SUMMARY

Symantec has released an update to address an issue that was discovered in the Symantec Endpoint Encryption product.

AFFECTED PRODUCTS

Symantec Endpoint Encryption

CVE

|

Affected Version(s)

|

Remediation

CVE-2019-9694

|

Prior to SEE 11.2.1 MP1

|

Upgrade to SEE 11.2.1 MP1

ISSUES

CVE-2019-9694

Severity/CVSSv3:

|

Medium / 4.8 AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

References:

Impact:

|

Security Focus: BID 107653 / NVD: CVE-2019-9694

Privilege Escalation

Description:

|

Symantec Endpoint Encryption may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.

MITIGATION

The mentioned issue was validated by the product team engineers. A Symantec Endpoint Encryption update, version SEE 11.2.1 MP1, has been released which addresses the aforementioned issue. Please note that this issue is only applicable in cases where Symantec Endpoint Encryption is being used to manage BitLocker. The latest releases and patches for Symantec Endpoint Encryption are available to customers through normal support channels. At this time, Symantec is not aware of any exploitations or adverse customer impact from these issues.

Symantec recommends the following measures to reduce risk of attack:

  • Restrict access to administrative or management systems to authorized privileged users.
  • Restrict remote access to trusted/authorized systems only.
  • Run under the principle of least privilege, where possible, to limit the impact of potential exploit.
  • Keep all operating systems and applications current with vendor patches.
  • Follow a multi-layered approach to security. At a minimum, run both firewall and anti-malware applications to provide multiple points of detection and protection for both inbound and outbound threats.
  • Deploy network and host-based intrusion detection systems to monitor network traffic for signs of anomalous or suspicious activity. This may aid in the detection of attacks or malicious activity related to the exploitation of latent vulnerabilities.

ACKNOWLEDGEMENTS

CPENameOperatorVersion
symantec endpoint encryptioneq1

Related

cve 1
nessus 1
prion 1
nvd 1
cvelist 1
cve
cve
CVE-2019-9694
2019-04-10 20:29:01
nessus
nessus
Symantec Endpoint Encryption < 11.2.1 MP1 (SYMSA1478)
2019-05-24 00:00:00
prion
prion
Privilege escalation
2019-04-10 20:29:00
nvd
nvd
CVE-2019-9694
2019-04-10 20:29:01
cvelist
cvelist
CVE-2019-9694
2019-04-10 19:54:45

0.0004 Low

EPSS

Percentile

14.2%

JSON
Related for SMNTC-1478
cve1nessus1prion1nvd1cvelist1