CVE-2016-5311 — HIGH (7.8) — White Hats Nepal

Q: How severe is CVE-2016-5311?

CVE-2016-5311 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2016-5311?

Check the references section above for vendor advisories and patch information. Affected products include: Symantec Endpoint Protection, Symantec Endpoint Protection Cloud, Symantec Norton 360, Symantec Norton Antivirus, Symantec Norton Antivirus With Backup.

Vulnerability Description

A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges.

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Symantec	Endpoint Protection	< 22.8.0.50
Symantec	Endpoint Protection Cloud	< 22.8.0.50
Symantec	Norton 360	< 22.7
Symantec	Norton Antivirus	< 22.7
Symantec	Norton Antivirus With Backup	< 22.7
Symantec	Norton Family	< 22.7
Symantec	Norton Internet Security	< 22.7
Symantec	Norton Security	< 22.7
Symantec	Norton Security With Backup	< 22.7

Related Weaknesses (CWE)

CWE-427

References

http://www.securityfocus.com/bid/94295Third Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1037323Third Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1037324Third Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1037325Third Party AdvisoryVDB Entry
https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=securiVendor Advisory
http://www.securityfocus.com/bid/94295Third Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1037323Third Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1037324Third Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1037325Third Party AdvisoryVDB Entry
https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=securiVendor Advisory

FAQ

What is CVE-2016-5311?

CVE-2016-5311 is a vulnerability with a CVSS score of 7.8 (HIGH). A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Pro...

How severe is CVE-2016-5311?

CVE-2016-5311 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2016-5311?

Check the references section above for vendor advisories and patch information. Affected products include: Symantec Endpoint Protection, Symantec Endpoint Protection Cloud, Symantec Norton 360, Symantec Norton Antivirus, Symantec Norton Antivirus With Backup.