[German]If someone is using Symantec Endpoint Protection on their Windows clients, the antivirus solution should be updated quickly. This is because older versions have critical security vulnerabilities.
Symantec issued this security warning on February 3, 2020, but updated the document on February 10, 2020. In the products:
- Symantec Endpoint Protection (SEP), before 14.2 RU2 MP1 (14.2.5569.2100)
- Symantec Endpoint Protection Manager (SEPM), before 14.2 RU2 MP1
- and Symantec Endpoint Protection Small Business Edition (SEP SBE)
vulnerabilities were discovered (mostly by the Trend Micro Zero Day Initiative), which were rated as high (score 7.8) Attackers may be able to use security holes to gain increased rights or carry out DoS attacks. Symantec is not currently aware of any exploits or negative impact of these issues on customers.
- Symantec Endpoint Protection (SEP): CVE-2020-5820, CVE-2020-5821, CVE-2020-5822, CVE-2020-5823, CVE-2020-5824, CVE-2020-5825, CVE-2020-5826
- Symantec Endpoint Protection Manager (SEPM): CVE-2020-5827, CVE-2020-5828, CVE-2020-5829, CVE-2020-5830, CVE-2020-5831
Details of the respective vulnerabilities such as the Privilege Escalation Vulnerability CVE-2020-5820, or CVE-2020-5821, CVE-2020-5822, CVE-2020-5823, CVE-2020-5824 etc. can be found in the Symantec article here. Symantec has now released updates for the following to address the above vulnerabilities.
- SEP 14.2 RU2 MP1 (14.2.5569.2100)
- SEPM 14.2 RU2 MP1
- SEP SBE 14.2 RU2 MP1 (14.2.5569.2100)
Symantec has also implemented additional detection and protection measures and continues to monitor all attempts to exploit this in its products. There is currently no evidence of attempts to exploit this vulnerability in the wild. (via)