Vulnerability Description
A privilege escalation vulnerability exists when loading DLLs during boot up and reboot in Symantec IT Management Suite 8.0 prior to 8.0 HF4 and Suite 7.6 prior to 7.6 HF7, Symantec Ghost Solution Suite 3.1 prior to 3.1 MP4, Symantec Endpoint Virtualization 7.x prior to 7.6 HF7, and Symantec Encryption Desktop 10.x prior to 10.4.1, which could let a local malicious user execute arbitrary code.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Symantec | Encryption Desktop | >= 10.0.0, < 10.4.1 |
| Symantec | Endpoint Encryption | >= 7.0, < 7.6 |
| Symantec | Ghost Solution Suite | 3.1 |
| Symantec | It Management Suite | 7.6 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/94279Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1037302Third Party AdvisoryVDB Entry
- https://support.symantec.com/us/en/article.symsa1385.htmlVendor Advisory
- http://www.securityfocus.com/bid/94279Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1037302Third Party AdvisoryVDB Entry
- https://support.symantec.com/us/en/article.symsa1385.htmlVendor Advisory
FAQ
What is CVE-2016-6590?
CVE-2016-6590 is a vulnerability with a CVSS score of 7.8 (HIGH). A privilege escalation vulnerability exists when loading DLLs during boot up and reboot in Symantec IT Management Suite 8.0 prior to 8.0 HF4 and Suite 7.6 prior to 7.6 HF7, Symantec Ghost Solution Sui...
How severe is CVE-2016-6590?
CVE-2016-6590 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-6590?
Check the references section above for vendor advisories and patch information. Affected products include: Symantec Encryption Desktop, Symantec Endpoint Encryption, Symantec Ghost Solution Suite, Symantec It Management Suite.