Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
symantecSymantec Security ResponseSMNTC-1494
HistoryOct 24, 2019 - 6:53 p.m.

Symantec SONAR Security Bypass

2019-10-2418:53:00
Symantec Security Response
17

0.0004 Low

EPSS

Percentile

14.2%

JSON

SUMMARY

Symantec has released an update to address an issue that was discovered in the Symantec SONAR component.

AFFECTED PRODUCTS

Component: SONAR Engine

CVE

|

Affected Version(s)

|

Remediation

CVE-2019-12752

|

Prior to 12.0.2

|

Upgrade to 12.0.2

(Note: Live updatable; no action required by customers)

ISSUES

CVE-2019-12752

Severity/CVSSv3:

|

Medium / 6.1 AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

References:

Impact:

|

Security Focus: BID 110611 / NVD: CVE-2019-12752

Tamper Protection Bypass

Description:

|

The Symantec SONAR component, prior to 12.0.2, may be susceptible to a tamper protection bypass vulnerability which could potentially allow an attacker to circumvent the existing tamper protection in use on the resident system.

MITIGATION

This issue has been validated by Symantec engineers. An update for Symantec SONAR, version 12.0.2 has been released to address this issue. Note that this release has already been pushed out automatically via Symantec LiveUpdate; no additional action is required by customers. At this time, Symantec is not aware of any exploitations or adverse customer impact from this issue.

Symantec recommends the following measures to reduce risk of attack:

  • Restrict access to administrative or management systems to authorized privileged users.
  • Restrict remote access to trusted/authorized systems only.
  • Run under the principle of least privilege, where possible, to limit the impact of potential exploit.
  • Keep all operating systems and applications current with vendor patches.
  • Follow a multi-layered approach to security. At a minimum, run both firewall and anti-malware applications to provide multiple points of detection and protection for both inbound and outbound threats.
  • Deploy network and host-based intrusion detection systems to monitor network traffic for signs of anomalous or suspicious activity. This may aid in the detection of attacks or malicious activity related to the exploitation of latent vulnerabilities.

ACKNOWLEDGEMENTS

CPENameOperatorVersion
component: sonar engineeq1

Related

nvd 1
nessus 1
symantec 1
prion 1
cve 1
cvelist 1
nvd
nvd
CVE-2019-12752
2019-11-01 16:15:12
nessus
nessus
Symantec SONAR < 12.0.2 Security Bypass (SYMSA1494)
2019-11-08 00:00:00
symantec
symantec
Symantec Endpoint Protection SONAR Component CVE-2019-12752 Security Bypass Vulnerability
2019-11-01 00:00:00
prion
prion
Design/Logic Flaw
2019-11-01 16:15:00
cve
cve
CVE-2019-12752
2019-11-01 16:15:12
cvelist
cvelist
CVE-2019-12752
2019-11-01 15:03:54

0.0004 Low

EPSS

Percentile

14.2%

JSON
Related for SMNTC-1494
nvd1nessus1symantec1prion1cve1cvelist1