Main Vulnerability Database Vulnerabilities #VU16213

Insecure DLL loading in Symantec Endpoint Protection - CVE-2018-12245

Published: December 3, 2018 / Updated: December 3, 2018

Vulnerability identifier: #VU16213

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2018-12245

CWE-ID: CWE-427

Exploitation vector: Local access

Exploit availability: No public exploit available

Vendor: Broadcom

Affected software:
Symantec Endpoint Protection

Detailed vulnerability description

The vulnerability allows a local high-privileged attacker to compromise vulnerable system.

The vulnerability exists due to insecure .dll loading mechanism when opening files. A remote attacker can place a file along with specially crafted .dll file on a remote SBM or WebDAV share, trick the victim into opening it and execute arbitrary code on the target system with privileges of the current victim.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

How to mitigate CVE-2018-12245

Update to version 14.2 MP1.

Sources

https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1468.html

Insecure DLL loading in Symantec Endpoint Protection - CVE-2018-12245

Detailed vulnerability description

How to mitigate CVE-2018-12245

Sources

Please verify you're human