vulnerability
Symantec Endpoint Protection: Symantec Endpoint Protection Clients Local Elevation of Privilege (CVE-2016-9094)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Apr 16, 2018 | Nov 19, 2019 | Apr 7, 2026 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Apr 16, 2018
Added
Nov 19, 2019
Modified
Apr 7, 2026
Description
Symantec Endpoint Protection clients place detected malware in quarantine as part of the intended product functionality. The quarantine logs can be exported for review by the user in a variety of formats including .CSV files. Prior to 14.0 MP1 and 12.1 RU6 MP7, the potential exists for file metadata to be interpreted and evaluated as a formula. Successful exploitation of an attack of this type requires considerable direct user-interaction from the user exporting and then opening the log files on the intended target client.
Solutions
symantec-endpoint-protection-upgrade-12_1_7166_6700symantec-endpoint-protection-upgrade-14_0_2332_0100
References
- CVE-2016-9094
- https://attackerkb.com/topics/CVE-2016-9094
- CWE-20
- EUVD-EUVD-2016-9915
- http://www.securityfocus.com/bid/96298
- http://www.securitytracker.com/id/1037961
- https://euvd.enisa.europa.eu/vulnerability/EUVD-2016-9915
- https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170306_00
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.