CVE-2026-11626— Local Privilege Escalation in Symantec Endpoint Protection macOS CleanWipe Removal Tool
Possible ATT&CK Techniques 1AI
T1068 · Exploitation for Privilege EscalationAffected Version Matrix 1
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Broadcom | Symantec Endpoint Protection CleanWipe Removal Tool | 16.0.0.65 | unaffected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-11626
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Local Privilege Escalation in Symantec Endpoint Protection macOS CleanWipe Removal Tool
Source: NVD (National Vulnerability Database)
Vulnerability Description
CleanWipe Removal Tool (macOS), prior to 16.0.0.65, may be susceptible to an Local Privilege Escalation vulnerability, which is a type of issue whereby an attacker with limited privilege access on an affected system can escalate their privileges to gain administrative control.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
带着不必要的权限执行
Source: NVD (National Vulnerability Database)
Vulnerability Title
Broadcom CleanWipe Removal Tool 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Broadcom CleanWipe Removal Tool是美国博通(Broadcom)公司的一款企业级安全软件卸载工具。 Broadcom CleanWipe Removal Tool 16.0.0.65之前版本存在安全漏洞,该漏洞源于可能导致具有有限权限的攻击者提升权限获得管理控制。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Broadcom | Symantec Endpoint Protection CleanWipe Removal Tool | 16.0.0.65 | - |
II. Public POCs for CVE-2026-11626
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-11626
请登录查看更多情报信息。
Vendor Advisories for CVE-2026-11626 (1)
IV. Related Vulnerabilities
Same vendor: Broadcom
- CVE-2026-11815
Insecure Deserialization via MITM in Layer 7 Policy Manager - CVE-2026-8370
Automic Automation Agent Unix privilege escalation - CVE-2026-3991
Elevation of Privileges in Symantec Data Loss Prevention Win - CVE-2026-3862
Cross-Site Scripting Vulnerability in SiteMinder Administrat - CVE-2025-13919
Component Object Model (COM) Hijacking in Symantec Endpoint
Same weakness: CWE-250
- CVE-2026-47190
IPAM controller service account granted unnecessary full acc - CVE-2026-50566
Fission: Environment Runtime.Container and Builder.Container - CVE-2026-50565
Fission builder pods auto-mount the fission-builder ServiceA - CVE-2026-46617
Fission runtime pods automount the fission-fetcher service-a - CVE-2026-46748
Siemens SINEC INS 安全漏洞
V. Comments for CVE-2026-11626
No comments yet