Multiple vulnerabilities in several Symantec products
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2020-12596 CVE-2020-12597 |
| CWE-ID | CWE-200 CWE-248 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Symantec Endpoint Protection Manager Client/Desktop applications / Antivirus software/Personal firewalls Symantec Endpoint Protection Client/Desktop applications / Antivirus software/Personal firewalls Data Center Security (DCS) Windows Agent Client/Desktop applications / Antivirus software/Personal firewalls Cloud Workload Protection (CWP) Windows Client Client/Desktop applications / Antivirus software/Personal firewalls |
| Vendor | Broadcom |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Information disclosure
EUVDB-ID: #VU54289
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-12596
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to session tokens can be exposed via the URL in a GET request. A remote attacker can obtain session token and gain unauthorized access to the application.
Install updates from vendor's website.
Vulnerable software versionsSymantec Endpoint Protection Manager: 14 - 14.3
External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Uncaught Exception
EUVDB-ID: #VU54290
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-12597
CWE-ID:
CWE-248 - Uncaught Exception
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service attack.
The vulnerability exists due to uncaught exception in a common driver. A local user can perform a denial of service attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsSymantec Endpoint Protection: 14 MP1 - 14.3 RU1
Data Center Security (DCS) Windows Agent: before 6.9.1
Cloud Workload Protection (CWP) Windows Client: before 1.6.1
External linksQ & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
