CVE-2022-37016

CWE-269Improper Privilege Management3 documents3 sources
Severity
9.8CRITICAL
EPSS
0.5%
top 33.86%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Broadcom Symantec Endpoint Protection
Timeline
PublishedDec 1

Description

Symantec Endpoint Protection (Windows) agent may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

CVEListV5symantec_endpoint_protection14.3 RU5

🔴Vulnerability Details

2
CVEList
CVE-2022-37016: Symantec Endpoint Protection (Windows) agent may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker2022-12-01
GHSA
GHSA-xf35-ghx9-6hhf: Symantec Endpoint Protection (Windows) agent may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker2022-12-01
CVE-2022-37016 (CRITICAL CVSS 9.8) | Symantec Endpoint Protection (Windo | cvebase.io