Vulnerability Description
Symantec Endpoint Protection prior to SEP 12.1 RU6 MP9 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. In the circumstances of this issue, the capability of exploit is limited by the need to perform multiple file and directory writes to the local filesystem and as such, is not feasible in a standard drive-by type attack.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Symantec | Endpoint Protection | < 12.1 |
References
- http://www.securityfocus.com/bid/101504Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1039775Third Party AdvisoryVDB Entry
- https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=securiIssue TrackingThird Party Advisory
- http://www.securityfocus.com/bid/101504Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1039775Third Party AdvisoryVDB Entry
- https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=securiIssue TrackingThird Party Advisory
FAQ
What is CVE-2017-13681?
CVE-2017-13681 is a vulnerability with a CVSS score of 7.8 (HIGH). Symantec Endpoint Protection prior to SEP 12.1 RU6 MP9 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources th...
How severe is CVE-2017-13681?
CVE-2017-13681 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-13681?
Check the references section above for vendor advisories and patch information. Affected products include: Symantec Endpoint Protection.