Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 7 |
CVE-ID | CVE-2020-5826 CVE-2020-5825 CVE-2020-5824 CVE-2020-5823 CVE-2020-5822 CVE-2020-5821 CVE-2020-5820 |
CWE-ID | CWE-125 CWE-264 CWE-20 CWE-427 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software Subscribe |
Symantec Endpoint Protection Client/Desktop applications / Antivirus software/Personal firewalls Symantec Endpoint Protection Small Business Edition Client/Desktop applications / Antivirus software/Personal firewalls |
Vendor | Broadcom |
Security Bulletin
This security bulletin contains information about 7 vulnerabilities.
EUVDB-ID: #VU25326
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2020-5826
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the "AvHostPlugin.dll". A local user can trigger out-of-bounds read error and read contents of memory on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsSymantec Endpoint Protection: 14.2 RU1 - 14.2 RU2
Symantec Endpoint Protection Small Business Edition: 14.0.1904.0000 - 14.2.5323.2000
Fixed software versionsCPE2.3 External links
http://support.symantec.com/us/en/article.SYMSA1505.html
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
EUVDB-ID: #VU25325
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2020-5825
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to missing authentication in the "AvHostPlugin.dll" module. A local user can overwrite existing files on the resident system without proper privileges and cause a denial of service condition on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsSymantec Endpoint Protection: 14.2 RU1 MP1 - 14.2 RU2
Symantec Endpoint Protection Small Business Edition: 14.0.1904.0000 - 14.2.5323.2000
Fixed software versionsCPE2.3 External links
http://support.symantec.com/us/en/article.SYMSA1505.html
http://www.zerodayinitiative.com/advisories/ZDI-20-228/
http://www.zerodayinitiative.com/advisories/ZDI-20-227/
http://www.zerodayinitiative.com/advisories/ZDI-20-226/
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
EUVDB-ID: #VU25324
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2020-5824
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input within the "AvHostPlugin.dll" module. A local user can cause a denial of service condition on the target system.
Install updates from vendor's website.
Vulnerable software versionsSymantec Endpoint Protection: 14.2 RU1 - 14.2 RU2
Symantec Endpoint Protection Small Business Edition: 14.0.1904.0000 - 14.2.5323.2000
Fixed software versionsCPE2.3 External links
http://support.symantec.com/us/en/article.SYMSA1505.html
http://www.zerodayinitiative.com/advisories/ZDI-20-221/
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
EUVDB-ID: #VU25323
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2020-5823
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper permissions check within the "ccJobMgr.dll" module. A local user can compromise the software application to gain elevated access to resources that are normally protected from an application or user.
MitigationInstall updates from vendor's website.
Vulnerable software versionsSymantec Endpoint Protection: 14.2 RU1 - 14.2 RU2
Symantec Endpoint Protection Small Business Edition: 14.0.1904.0000 - 14.2.5323.2000
Fixed software versionsCPE2.3 External links
http://support.symantec.com/us/en/article.SYMSA1505.html
http://www.zerodayinitiative.com/advisories/ZDI-20-219/
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
EUVDB-ID: #VU25322
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2020-5822
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper permissions check within the "ccSvc.dll" module. A local user can compromise the software application to gain elevated access to resources that are normally protected from an application or user.
MitigationInstall updates from vendor's website.
Vulnerable software versionsSymantec Endpoint Protection: 14.2 RU1 - 14.2 RU2
Symantec Endpoint Protection Small Business Edition: 14.0.1904.0000 - 14.2.5323.2000
Fixed software versionsCPE2.3 External links
http://support.symantec.com/us/en/article.SYMSA1505.html
http://www.zerodayinitiative.com/advisories/ZDI-20-218/
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
EUVDB-ID: #VU25321
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2020-5821
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a local user to compromise vulnerable system.
The vulnerability exists due to the application loads DLL libraries in an insecure manner. A local user can use a specially crafted .dll file and execute arbitrary code on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsSymantec Endpoint Protection: 14.2 RU1 - 14.2 RU2
Symantec Endpoint Protection Small Business Edition: 14.0.1904.0000 - 14.2.5323.2000
Fixed software versionsCPE2.3 External links
http://support.symantec.com/us/en/article.SYMSA1505.html
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
EUVDB-ID: #VU25305
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2020-5820
CWE-ID:
Exploit availability:
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper permissions check within the AvHostPlugin.dll. A local user can compromise the software application to gain elevated access to resources that are normally protected from an application or user.
MitigationInstall updates from vendor's website.
Vulnerable software versionsSymantec Endpoint Protection: 14.0 MP2a - 14.2 RU2
Symantec Endpoint Protection Small Business Edition: 14.0.1904.0000 - 14.2.5323.2000
Fixed software versionsCPE2.3 External links
http://support.symantec.com/us/en/article.SYMSA1505.html
http://www.zerodayinitiative.com/advisories/ZDI-20-217/
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?