CVE-2018-18366 - Use of Uninitialized Resource vulnerability in Symantec products
Attack vector | LOCAL |
Attack complexity | LOW |
Privileges required | LOW |
Confidentiality impact | HIGH |
Integrity impact | NONE |
Availability impact | NONE |
Summary
Symantec Norton Security prior to 22.16.3, SEP (Windows client) prior to and including 12.1 RU6 MP9, and prior to 14.2 RU1, SEP SBE prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22, SEP-12.1.7484.7002 and SEP Cloud prior to 22.16.3 may be susceptible to a kernel memory disclosure, which is a type of issue where a specially crafted IRP request can cause the driver to return uninitialized memory.
Nessus
NASL family | Windows |
NASL id | SYMANTEC_ENDPOINT_PROT_CLIENT_SYMSA1479.NASL |
description | The version of Symantec Endpoint Protection (SEP) Client installed on the remote host is 12.1.x or 14.0.x prior to 14.2.3332.1000. It is, therefore, affected by a kernel memory disclosure vulnerability. A specially crafted IRP request can cause disclosure of uninitialized memory. Note that Nessus has not tested for this issue but has instead relied only on the application |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 124768 |
published | 2019-05-10 |
reporter | This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/124768 |
title | Symantec Endpoint Protection Client 12.1.x / 14.x < 14.2.3332.1000 Kernel Memory Disclosure (SYMSA1479) |
Talos
id | TALOS-2018-0693 |
last seen | 2019-05-29 |
published | 2019-04-23 |
reporter | Talos Intelligence |
source | http://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0693 |
title | Symantec Endpoint Protection Small Business Edition ccSetx86.sys 0x224844 kernel memory information disclosure vulnerability |