Vulnerabilities > CVE-2015-8156 - Unspecified vulnerability in Symantec Endpoint Encryption 11.0/11.0.0/11.0.1
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Unquoted Windows search path vulnerability in EEDService in Symantec Endpoint Encryption (SEE) 11.x before 11.1.1 allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory, as demonstrated by program.exe.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 |
Nessus
NASL family | Windows |
NASL id | SYMANTEC_ENDPOINT_ENCRYPTION_DRIVE_ENCRYPTION_11_1_1.NASL |
description | The version of the Symantec Endpoint Encryption (SEE) Drive Encryption Client installed on the remote Windows host is 11.x prior to 11.1.1. It is, therefore, affected by a privilege escalation vulnerability due to an unquoted search path in EEDService. A local attacker can exploit this to escalate privileges. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 91124 |
published | 2016-05-13 |
reporter | This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/91124 |
title | Symantec Endpoint Encryption 11.x < 11.1.1 Unquoted Search Path Local Privilege Escalation (SYM16-006) |
code |
|
References
- http://www.securityfocus.com/bid/90050
- http://www.securityfocus.com/bid/90050
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&suid=20160506_00
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&suid=20160506_00