CVE-2020-5820 – Symantec Endpoint Protection AvHostPlugin Out-Of-Bounds Write Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-5820
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. Symantec Endpoint Protection (SEP) y Symantec Endpoint Protection Small Business Edition (SEP SBE), versiones anteriores a 14.2 RU2 MP1 y versiones anteriores a 14.2.5569.2100 respectivamente, pueden ser susceptibles a una vulnerabilidad de escalada de privilegios, que es un tipo de problema por el cual un atacante puede intentar comprometer la aplicación de software para conseguir un acceso elevado a los recursos que normalmente están protegidos de una aplicación o un usuario. This vulnerability allows local attackers to escalate privileges on affected installations of Symantec Endpoint Protection. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AvHostPlugin.dll. The issue results from the lack of proper validation of user-supplied data, which can result in a write before the start of an allocated buffer. • https://support.symantec.com/us/en/article.SYMSA1505.html •
CVE-2020-5824 – Symantec Endpoint Protection AvHostPlugin Missing Authentication Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-5824
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a denial of service vulnerability, which is a type of issue whereby a threat actor attempts to tie up the resources of a resident application, thereby making certain functions unavailable. Symantec Endpoint Protection (SEP) y Symantec Endpoint Protection Small Business Edition (SEP SBE), versiones anteriores a 14.2 RU2 MP1 y versiones anteriores a 14.2.5569.2100 respectivamente, pueden ser susceptibles a una vulnerabilidad de denegación de servicio, que es un tipo de problema por el cual un actor de amenaza intenta vincular los recursos de una aplicación residente, haciendo de esta manera que determinadas funciones no estén disponibles. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Symantec Endpoint Protection. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AvHostPlugin.dll module. By invoking a method of a COM class, an attacker can delete arbitrary files. • https://support.symantec.com/us/en/article.SYMSA1505.html •
CVE-2020-5825 – Symantec Endpoint Protection AvHostPlugin Missing Authentication Arbitrary File Move Vulnerability
https://notcve.org/view.php?id=CVE-2020-5825
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an arbitrary file write vulnerability, which is a type of issue whereby an attacker is able to overwrite existing files on the resident system without proper privileges. Symantec Endpoint Protection (SEP) y Symantec Endpoint Protection Small Business Edition (SEP SBE), versiones anteriores a 14.2 RU2 MP1 y versiones anteriores a 14.2.5569.2100 respectivamente, pueden ser susceptibles a una vulnerabilidad de escritura de archivos arbitraria, que es un tipo de problema por el cual un atacante es capaz de sobrescribir archivos existentes sobre el sistema residente sin los privilegios apropiados. This vulnerability allows local attackers to move arbitrary files on affected installations of Symantec Endpoint Protection. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AvHostPlugin.dll module. By invoking a method of a COM class, an attacker can move arbitrary files. • https://support.symantec.com/us/en/article.SYMSA1505.html •
CVE-2020-5826 – Symantec Endpoint Protection AvHostPlugin Out-of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-5826
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program. Symantec Endpoint Protection (SEP) y Symantec Endpoint Protection Small Business Edition (SEP SBE), versiones anteriores a 14.2 RU2 MP1 y versiones anteriores a 14.2.5569.2100 respectivamente, pueden ser susceptibles a una vulnerabilidad fuera de límites, que es un tipo de problema que resulta en que una aplicación existente lea la memoria fuera de los límites de la memoria que ha sido asignada al programa. This vulnerability allows local attackers to disclose sensitive information on affected installations of Symantec Endpoint Protection Manager. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AvHostPlugin.dll. The issue results from the lack of proper validation of user-supplied data, which can result in a read before the start of an allocated buffer. • https://support.symantec.com/us/en/article.SYMSA1505.html • CWE-125: Out-of-bounds Read •
CVE-2020-5823 – Symantec Endpoint Protection ccJobMgr Missing Authentication Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-5823
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. Symantec Endpoint Protection (SEP) y Symantec Endpoint Protection Small Business Edition (SEP SBE), versiones anteriores a 14.2 RU2 MP1 y versiones anteriores a 14.2.5569.2100 respectivamente, pueden ser susceptibles a una vulnerabilidad de escalada de privilegios, que es un tipo de problema por el cual un atacante puede intentar comprometer la aplicación de software para conseguir un acceso elevado a los recursos que normalmente están protegidos de una aplicación o un usuario. This vulnerability allows local attackers to escalate privileges on affected installations of Symantec Endpoint Protection. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the ccJobMgr.dll module. By invoking a method of a COM class, an attacker can launch an arbitrary executable. • https://support.symantec.com/us/en/article.SYMSA1505.html •