CVE-2015-8154

CWE-2643 documents3 sources
Severity
8.8HIGH
EPSS
1.7%
top 17.83%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Symantec Endpoint Protection Manager
Timeline
PublishedMar 18
Latest updateMay 17

Description

The SysPlant.sys driver in the Application and Device Control (ADC) component in the client in Symantec Endpoint Protection (SEP) 12.1 before RU6-MP4 allows remote attackers to execute arbitrary code via a crafted HTML document, related to "RWX Permissions."

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-vmc7-4567-9fxg: The SysPlant2022-05-17
CVEList
CVE-2015-8154: The SysPlant2016-03-18
CVE-2015-8154 (HIGH CVSS 8.8) | The SysPlant.sys driver in the Appl | cvebase.io