Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2013-4679

CWE-119 — Buffer Overflow4 documents4 sources

Severity

6.6MEDIUM

EPSS

0.2%

top 58.09%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Symantec Workspace Virtualization

Timeline

PublishedAug 5

Latest updateMay 17

Description

Symantec Workspace Virtualization before 6.x before 6.4.1953.0, when a virtual application layer is configured, allows local users to gain privileges via an application that performs crafted interaction with the operating system.

CVSS vector

AV:L/AC:M/C:C/I:C/A:CExploitability: 2.7 | Impact: 10.0

Affected Packages1 packages

▶NVDsymantec/workspace_virtualization6.4.1895.0

🔴Vulnerability Details

GHSA

GHSA-6q2m-wfm6-32fq: Symantec Workspace Virtualization before 6↗2022-05-17

▶

CVEList

CVE-2013-4679: Symantec Workspace Virtualization before 6↗2013-08-04

▶

💥Exploits & PoCs

Exploit-DB

Symantec Workspace Virtualization 6.4.1895.0 - Kernel Mode Privilege Escalation↗2013-07-18

▶