CVE-2018-12238
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 & 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 & SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) prior to 22.15.1 may be susceptible to an AV bypass issue, which is a type of exploit that works to circumvent one of the virus detection engines to avoid a specific type of virus protection. One of the antivirus engines depends on a signature pattern from a database to identify malicious files and viruses; the antivirus bypass exploit looks to alter the file being scanned so it is not detected.
Norton en versiones anteriores a la 22.15; Symantec Endpoint Protection (SEP) en versiones anteriores a la 12.1.7454.7000 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) en versiones anteriores a la NIS-22.15.1.8 SEP-12.1.7454.7000; y Symantec Endpoint Protection Cloud (SEP Cloud) en versiones anteriores a la 22.15.1 pueden ser susceptibles a un problema de omisión de antivirus, que es un tipo de explotación que sirve para eludir uno de los motores de detección de virus y así evitar un tipo de protección antivirus específico. Uno de los motores antivirus depende de un patrón de firma de una base de datos para identificar archivos maliciosos y virus; la explotación de omisión de antivirus busca alterar el archivo que se está analizando para que no sea detectado.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-06-12 CVE Reserved
- 2018-11-29 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (2)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/105917 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1468.html | 2019-10-03 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Symantec Search vendor "Symantec" | Endpoint Protection Search vendor "Symantec" for product "Endpoint Protection" | >= 11.0 < 12.1.7454.7000 Search vendor "Symantec" for product "Endpoint Protection" and version " >= 11.0 < 12.1.7454.7000" | - |
Affected
| ||||||
Symantec Search vendor "Symantec" | Endpoint Protection Search vendor "Symantec" for product "Endpoint Protection" | >= 14.0 <= 14.2 Search vendor "Symantec" for product "Endpoint Protection" and version " >= 14.0 <= 14.2" | - |
Affected
| ||||||
Symantec Search vendor "Symantec" | Endpoint Protection Cloud Search vendor "Symantec" for product "Endpoint Protection Cloud" | < 22.15.1 Search vendor "Symantec" for product "Endpoint Protection Cloud" and version " < 22.15.1" | - |
Affected
| ||||||
Symantec Search vendor "Symantec" | Norton Antivirus Search vendor "Symantec" for product "Norton Antivirus" | < 22.15 Search vendor "Symantec" for product "Norton Antivirus" and version " < 22.15" | - |
Affected
|