Symantec’s Endpoint Protection Manager Exploit can be used as an entry point

SEC Consult Vulnerability Lab says that these vulnerabilities can be used to execute server side request forgery (SSRF) attacks used for port scanning/fingerprinting, denial of service, possibly file disclosure as well as attacks against functionality that is only exposed internally. Symantec Endpoint Protection combines virus protection with advanced threat protection to proactively secure your computers against known and unknown threats. Users are recommended to update Symantec Endpoint Protection to the most recent version.

Find SEC Consult Vulnerability Lab Security Advisory here – https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140218-0_Symantec_Endpoint_Protection_Multiple_critical_vulnerabilities_wo_poc_v10.txt

Leave a Comment

Your email address will not be published.

Scroll to Top