CVE-2018-12238

3 documents3 sources

Severity

7.8HIGH

EPSS

0.1%

top 75.90%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Symantec Endpoint Protection Symantec Endpoint Protection Cloud Symantec Norton Antivirus

Timeline

PublishedNov 29

Latest updateMay 13

Description

Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 & 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 & SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) prior to 22.15.1 may be susceptible to an AV bypass issue, which is a type of exploit that works to circumvent one of the virus detection engines to avoid a specific type of virus protection. One of the antivirus engines depends on a signature pattern …

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

▶NVDsymantec/endpoint_protection_cloud< 22.15.1

▶NVDsymantec/endpoint_protection11.0 — 12.1.7454.7000+1

▶NVDsymantec/norton_antivirus< 22.15

🔴Vulnerability Details

GHSA

GHSA-grmv-v937-8mm8: Norton prior to 22↗2022-05-13

▶

CVEList

CVE-2018-12238: Norton prior to 22↗2018-11-29

▶