Symantec end point protection got Owned

Offensive Security has the information.

As Offensive  Security was performing a pentest, they noticed that Symantec Endpoint protection had a flaw -one that allows the hacker to escalate security privileges.

 

This is very bad as it is not a direct execution flaw, but it is a stealth method.

 

So one never notices as the hacker does their thing. And soon enough they have admin access to the machine and then network.

 

escalation privilege vulnerabilities are not good. The worst part about this is that Symantec runs the one product that is supposed to clean your computer.

symantec-endpoint-protection

Symantec Endpoint Protection is a  product of Symantec and is a corporate product of the Norton Anti-Virus variety.

One can manage the whole network with hundreds or thousands of systems with Endpoint protection

Advertisements