CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-5837
https://notcve.org/view.php?id=CVE-2020-5837
Symantec Endpoint Protection, prior to 14.3, may not respect file permissions when writing to log files that are replaced by symbolic links, which can lead to a potential elevation of privilege. Symantec Endpoint Protection, versiones anteriores a 14.3, puede no respetar los permisos de archivo cuando se escriben en archivos de registro que son reemplazados por enlaces simbólicos, lo que puede conllevar a una potencial elevación de privilegios. • https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1762 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-5836
https://notcve.org/view.php?id=CVE-2020-5836
Symantec Endpoint Protection, prior to 14.3, can potentially reset the ACLs on a file as a limited user while Symantec Endpoint Protection's Tamper Protection feature is disabled. Symantec Endpoint Protection, versiones anteriores a 14.3, puede potencialmente restablecer las ACL en un archivo como un usuario limitado, mientras la funcionalidad Tamper Protection de Symantec Endpoint Protection es desactivada. • https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1762 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2020-9363
https://notcve.org/view.php?id=CVE-2020-9363
The Sophos AV parsing engine before 2020-01-14 allows virus-detection bypass via a crafted ZIP archive. This affects Endpoint Protection, Cloud Optix, Mobile, Intercept X Endpoint, Intercept X for Server, and Secure Web Gateway. NOTE: the vendor feels that this does not apply to endpoint-protection products because the virus would be detected upon extraction. El motor de análisis Sophos AV versiones anteriores a 14-01-2020 permite una omisión de la detección de virus por medio de un archivo ZIP diseñado. Esto afecta a Endpoint Protection, Cloud Optix, Mobile, Intercept X Endpoint, Intercept X for Server y Secure Web Gateway. • https://blog.zoller.lu/p/release-mode-coordinated-disclosure-ref.html https://community.sophos.com/b/security-blog/posts/sophos-comments-to-cve-2020-9363 • CWE-436: Interpretation Conflict •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2016-5311
https://notcve.org/view.php?id=CVE-2016-5311
A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges. Se presenta una vulnerabilidad de escalada de privilegios en Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud y Endpoint Protection Cloud Client, debido a una precarga de DLL sin restricciones de ruta, que podría permitir a un usuario malicioso local obtener privilegios system. • http://www.securityfocus.com/bid/94295 http://www.securitytracker.com/id/1037323 http://www.securitytracker.com/id/1037324 http://www.securitytracker.com/id/1037325 https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20161117_00 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 1CVE-2019-12758
https://notcve.org/view.php?id=CVE-2019-12758
Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to an unsigned code execution vulnerability, which may allow an individual to execute code without a resident proper digital signature. Symantec Endpoint Protection, versiones anteriores a la versión 14.2 RU2, puede ser susceptible a una vulnerabilidad de ejecución de código sin firmar, lo que puede permitir a un individuo ejecutar código sin una firma digital apropiada residente. • https://safebreach.com/Post/Symantec-Endpoint-Protection-Self-Defense-Bypass-and-Potential-Usages-CVE-2019-12758 https://support.symantec.com/us/en/article.SYMSA1488.html • CWE-427: Uncontrolled Search Path Element •