CVSS3: 7.8 High
Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS2: 4.6 Medium
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P

Symantec has released updates to address issues that were discovered in the Symantec Endpoint Protection (SEP), Symantec Endpoint Protection Manager (SEPM), and Symantec Endpoint Protection Small Business Edition (SEP SBE) products. At this time, Symantec is not aware of any exploitations or adverse customer impact from these issues.
Symantec has also created additional detections and protections, which are in place, and is continuing to monitor any attempts of this exploit against our products. At this time, there is no evidence of any attempts at this exploit in the wild.

Symantec Endpoint Protection (SEP) & Symantec Endpoint Protection Small Business Edition (SEP SBE)

| CVE | Affected Version(s) | Remediation |
|---|---|---|
| CVE-2020-5820, CVE-2020-5821, CVE-2020-5822, CVE-2020-5823, CVE-2020-5824, CVE-2020-5825, CVE-2020-5826 | Prior to 14.2 RU2 MP1 (14.2.5569.2100) | Upgrade to 14.2 RU2 MP1 (14.2.5569.2100) |

Symantec Endpoint Protection Manager (SEPM)

| CVE | Affected Version(s) | Remediation |
|---|---|---|
| CVE-2020-5827, CVE-2020-5828, CVE-2020-5829, CVE-2020-5830, CVE-2020-5831 | Prior to 14.2 RU2 MP1 | Upgrade to 14.2 RU2 MP1 |

**CVE-2020-5820**

Severity/CVSSv3: High / 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References: Security Focus: BID 111773 / NVD: CVE-2020-5820
Impact: Privilege Escalation
Description:
Symantec Endpoint Protection (SEP) Windows Endpoint and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.

**CVE-2020-5821**

Severity/CVSSv3: High / 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References: Security Focus: BID 111771 / NVD: CVE-2020-5821
Impact: DLL Injection
Description:
Symantec Endpoint Protection (SEP) Windows Endpoint and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a DLL injection vulnerability, which is a type of issue whereby an individual attempts to execute their own code in place of legitimate code as a means to perform an exploit.

**CVE-2020-5822**

Severity/CVSSv3: High / 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References: Security Focus: BID 111774 / NVD: CVE-2020-5822
Impact: Privilege Escalation
Description:
Symantec Endpoint Protection (SEP) Windows Endpoint and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.

**CVE-2020-5823**

Severity/CVSSv3: High / 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References: Security Focus: BID 111775 / NVD: CVE-2020-5823
Impact: Privilege Escalation
Description:
Symantec Endpoint Protection (SEP) Windows Endpoint and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.

**CVE-2020-5824**

Severity/CVSSv3: Medium / 5.5 AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References: Security Focus: BID 111776 / NVD: CVE-2020-5824
Impact: Denial of Service
Description:
Symantec Endpoint Protection (SEP) Windows Endpoint and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a denial of service vulnerability, which is a type of issue whereby a threat actor attempts to tie up the resources of a resident application, thereby making certain functions unavailable.

**CVE-2020-5825**

Severity/CVSSv3: Medium / 6.1 AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
References: Security Focus: BID 111778 / NVD: CVE-2020-5825
Impact: Arbitrary File Write
Description:
Symantec Endpoint Protection (SEP) Windows Endpoint and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an arbitrary file write vulnerability, which is a type of issue whereby an attacker is able to overwrite existing files on the resident system without proper privileges.

**CVE-2020-5826**

Severity/CVSSv3: Medium / 5.5 AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References: Security Focus: BID 111777 / NVD: CVE-2020-5826
Impact: Out of Bounds
Description:
Symantec Endpoint Protection (SEP) Windows Endpoint and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.

**CVE-2020-5827**

Severity/CVSSv3: Low / 3.3 AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
References: Security Focus: BID 111781 / NVD: CVE-2020-5827
Impact: Out of Bounds
Description:
Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.

**CVE-2020-5828**

Severity/CVSSv3: Low / 3.3 AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
References: Security Focus: BID 111782 / NVD: CVE-2020-5828
Impact: Out of Bounds
Description:
Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.

**CVE-2020-5829**

Severity/CVSSv3: Low / 3.3 AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
References: Security Focus: BID 111785 / NVD: CVE-2020-5829
Impact: Out of Bounds
Description:
Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.

**CVE-2020-5830**

Severity/CVSSv3: Low / 3.3 AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
References: Security Focus: BID 111786 / NVD: CVE-2020-5830
Impact: Out of Bounds
Description:
Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.

**CVE-2020-5831**

Severity/CVSSv3: Low / 3.3 AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
References: Security Focus: BID 111787 / NVD: CVE-2020-5831
Impact: Out of Bounds
Description:
Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.
The following product updates have been made available to customers to remediate these issues:
In addition, a refresh of 14.2 RU2 (14.2.5334.2000) was released on February 10, 2020 to address this issue. This is available upon request from Symantec Technical Support.
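
The affected-version rule for SEP and SEP SBE clients, as an added example that is not part of the Symantec advisory: it classifies client build strings against the fixed build 14.2.5569.2100 and reports the 14.2 RU2 refresh build 14.2.5334.2000 separately. The `host,version` inventory format, the host names and every version string other than those two builds are constructed for illustration.

```python
import re
from typing import NamedTuple, Optional, Tuple

# Build numbers taken from the advisory text.
FIXED_BUILD = (14, 2, 5569, 2100)    # 14.2 RU2 MP1
REFRESH_BUILD = (14, 2, 5334, 2000)  # refresh of 14.2 RU2

class Finding(NamedTuple):
    host: str
    version: str
    status: str  # fixed | refresh | vulnerable | unparsed

def parse_build(text: str) -> Optional[Tuple[int, ...]]:
    """Parse 'a.b.c.d' into a tuple of ints; None if the string is malformed."""
    m = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)\.(\d+)", text.strip())
    return tuple(int(g) for g in m.groups()) if m else None

def classify(version: str) -> str:
    build = parse_build(version)
    if build is None:
        return "unparsed"  # never treat an unreadable version as patched
    # Tuples compare numerically field by field; comparing the raw strings
    # would rank "14.2.770.0" above "14.2.5569.2100".
    if build >= FIXED_BUILD:
        return "fixed"
    if build == REFRESH_BUILD:
        # The advisory says the refresh addresses "this issue"; confirm
        # coverage with the vendor before closing the finding.
        return "refresh"
    return "vulnerable"

def triage(inventory: str) -> list:
    """Classify 'host,version' lines (constructed format, not a SEPM export)."""
    findings = []
    for line in inventory.strip().splitlines():
        host, _, version = line.partition(",")
        findings.append(Finding(host.strip(), version.strip(), classify(version)))
    return findings

# Constructed sample inventory; only the two advisory builds are real values.
SAMPLE = """\
ws-001,14.2.5569.2100
ws-002,14.2.5334.2000
ws-003,14.2.770.0
ws-004,unknown
"""

if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f"{f.host:8} {f.version:16} {f.status}")
```

Hosts reported as `unparsed` need a manual check rather than being counted as patched.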
Symantec recommends the following measures to reduce risk of attack: