CVE-2017-13681

Published: Nov 6, 2017Modified: May 13, 2026

7.8

Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Symantec Endpoint Protection prior to SEP 12.1 RU6 MP9 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. In the circumstances of this issue, the capability of exploit is limited by the need to perform multiple file and directory writes to the local filesystem and as such, is not feasible in a standard drive-by type attack.

Affected (1)

Products: Symantec: Endpoint Protection

1 product

Endpoint Protection

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Symantec Endpoint Protection	Before 12.1

References (6)

http://www.securityfocus.com/bid/101504

Source: secure@symantec.com

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1039775

Source: secure@symantec.com

Third Party AdvisoryVDB Entry

https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20171106_00

Source: secure@symantec.com

Issue TrackingThird Party Advisory

http://www.securityfocus.com/bid/101504

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1039775

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20171106_00

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingThird Party Advisory

Timeline

No history available yet.