#VU54290 Uncaught Exception in Broadcom products - CVE-2020-12597
Published: June 21, 2021
Vulnerability identifier: #VU54290
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2020-12597
CWE-ID: CWE-248
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Symantec Endpoint Protection
Data Center Security (DCS) Windows Agent
Cloud Workload Protection (CWP) Windows Client
Symantec Endpoint Protection
Data Center Security (DCS) Windows Agent
Cloud Workload Protection (CWP) Windows Client
Software vendor:
Broadcom
Broadcom
Description
The vulnerability allows a local user to perform a denial of service attack.
The vulnerability exists due to uncaught exception in a common driver. A local user can perform a denial of service attack.
Remediation
Install updates from vendor's website.