vulnerability

Symantec Endpoint Protection: Symantec Endpoint Protection Security Update (CVE-2020-5837)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:N/C:P/I:P/A:P)	May 11, 2020	Jun 3, 2020	Sep 1, 2021

Severity

CVSS

(AV:L/AC:L/Au:N/C:P/I:P/A:P)

Published

May 11, 2020

Added

Jun 3, 2020

Modified

Sep 1, 2021

Description

Symantec Endpoint Protection, prior to 14.3, may not respect file permissions when writing to log files that are replaced by symbolic links, which can lead to a potential elevation of privilege.

Solution

symantec-endpoint-protection-upgrade-14_3_558_0000

References

CVE-2020-5837
https://attackerkb.com/topics/CVE-2020-5837
URL-https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1762

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today