CVE-2020-5825
Last modified
CVE-2020-5825 is a medium-severity vulnerability rated 5.5/10 on the CVSS scale. Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an arbitrary file write vulnerability, which is a type of issue whereby an attacker is able to overwrite existing files on the resident system without proper privileges.. EPSS estimates a 0.36% chance of exploitation in the next 30 days.
Description
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an arbitrary file write vulnerability, which is a type of issue whereby an attacker is able to overwrite existing files on the resident system without proper privileges.
Metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Symantec | Endpoint Protection | 11.0 | — |
| Symantec | Endpoint Protection | 12.1 | — |
| Symantec | Endpoint Protection | 14.0.0 | — |
| Symantec | Endpoint Protection | 14.0.1 | — |
| Symantec | Endpoint Protection | 14.2 | — |
| Symantec | Endpoint Protection | 12.0 | Rtm |
References
- https://support.symantec.com/us/en/article.SYMSA1505.htmlVendor Advisory
- https://support.symantec.com/us/en/article.SYMSA1505.htmlVendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2020-5825?
How severe is CVE-2020-5825?
How do I fix CVE-2020-5825?
Are you affected by CVE-2020-5825?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST