CVE-2018-18367

moderate-risk

Published 2019-04-25

Symantec Endpoint Protection Manager (SEPM) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead.

Do I need to act?

-

0.40% chance of exploitation

EPSS score — low exploit probability

-

Not on CISA KEV list

No confirmed active exploitation reported to CISA

?

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

7

CVSS 7.8/10 High

LOCAL / LOW complexity

Affected Products (20)

Endpoint Protection Manager

Endpoint Protection Manager

Endpoint Protection Manager

Endpoint Protection Manager

Endpoint Protection Manager

Endpoint Protection Manager

Endpoint Protection Manager

Endpoint Protection Manager

Endpoint Protection Manager

Endpoint Protection Manager

Endpoint Protection Manager

Endpoint Protection Manager

Endpoint Protection Manager

Endpoint Protection Manager

Endpoint Protection Manager

Endpoint Protection Manager

Endpoint Protection Manager

Endpoint Protection Manager

Endpoint Protection Manager

Endpoint Protection Manager

Affected Vendors

Symantec

References (4)

Third Party Advisory http://www.securityfocus.com/bid/107996

Vendor Advisory https://support.symantec.com/en_US/article.SYMSA1479.html

Third Party Advisory http://www.securityfocus.com/bid/107996

Vendor Advisory https://support.symantec.com/en_US/article.SYMSA1479.html

49

/ 100

moderate-risk

Severity 24/34 · High

Exploitability 2/34 · Minimal

Exposure 23/34 · High