CVE-2017-13681— Symantec Endpoint Protection 权限许可和访问控制问题漏洞

N/A

Symantec Endpoint Protection prior to SEP 12.1 RU6 MP9 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. In the circumstances of this issue, the capability of exploit is limited by the need to perform multiple file and directory writes to the local filesystem and as such, is not feasible in a standard drive-by type attack.

N/A

N/A

Symantec Endpoint Protection 权限许可和访问控制问题漏洞

Symantec Endpoint Protection（SEP）是美国赛门铁克（Symantec）公司的一套防病毒软件。该软件可跨物理和虚拟系统提供安全防护功能。 SEP 12.1 RU6 MP9之前的版本中存在提取漏洞。攻击者可通过向本地文件系统中多次写入文件和目录利用该漏洞获取提升的访问权限，访问被保护的资源。

N/A

N/A