Symantec Endpoint Protection Manager prior to 14.3 Concurrent Execution using Shared Resource with Improper Synchronization (‘Race Condition’) Vulnerability

Summary

Symantec Endpoint Protection Manager, prior to 14.3, has a race condition in client remote deployment which may result in an elevation of privilege on the remote machine.

Credit:

The information has been provided by Ilias Dimopoulos

The original article can be found at:https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1762


Details

Symantec Endpoint Protection Manager, prior to 14.3, has a race condition in client remote deployment which may result in an elevation of privilege on the remote machine.

 

Vulnerable Systems:

Symantec Endpoint Protection Manager prior to 14.3

 

CVE Information:

CVE-2020-5835

 

Disclosure Timeline:
Published Date:5/11/2020

Categories: FeaturedNews