← Volver a CVEs

CVE-2016-6590

HIGH

7.8

Descripcion

A privilege escalation vulnerability exists when loading DLLs during boot up and reboot in Symantec IT Management Suite 8.0 prior to 8.0 HF4 and Suite 7.6 prior to 7.6 HF7, Symantec Ghost Solution Suite 3.1 prior to 3.1 MP4, Symantec Endpoint Virtualization 7.x prior to 7.6 HF7, and Symantec Encryption Desktop 10.x prior to 10.4.1, which could let a local malicious user execute arbitrary code.

Detalles CVE

Puntuacion CVSS v3.17.8

SeveridadHIGH

Vector CVSSCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vector de ataqueLOCAL

ComplejidadLOW

Privilegios requeridosNONE

Interaccion usuarioREQUIRED

Publicado1/8/2020

Ultima modificacion11/21/2024

Fuentenvd

Avistamientos honeypot0

Productos afectados

symantec:encryption_desktopsymantec:endpoint_encryptionsymantec:ghost_solution_suitesymantec:it_management_suite

Debilidades (CWE)

CWE-269

Referencias

http://www.securityfocus.com/bid/94279(secure@symantec.com)

http://www.securitytracker.com/id/1037302(secure@symantec.com)

https://support.symantec.com/us/en/article.symsa1385.html(secure@symantec.com)

http://www.securityfocus.com/bid/94279(af854a3a-2127-422b-91ae-364da2661108)

http://www.securitytracker.com/id/1037302(af854a3a-2127-422b-91ae-364da2661108)

https://support.symantec.com/us/en/article.symsa1385.html(af854a3a-2127-422b-91ae-364da2661108)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.