CVE-2016-6590

A privilege escalation vulnerability exists when loading DLLs during boot up and reboot in Symantec IT Management Suite 8.0 prior to 8.0 HF4 and Suite 7.6 prior to 7.6 HF7, Symantec Ghost Solution Suite 3.1 prior to 3.1 MP4, Symantec Endpoint Virtualization 7.x prior to 7.6 HF7, and Symantec Encryption Desktop 10.x prior to 10.4.1, which could let a local malicious user execute arbitrary code.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
symantecCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 18%
VendorProductVersion
symantecencryption_desktop
10.0.0 ≤
𝑥
< 10.4.1
symantecendpoint_encryption
7.0 ≤
𝑥
< 7.6
symantecendpoint_encryption
7.6
symantecghost_solution_suite
3.1
symantecghost_solution_suite
3.1:maintenance_pack1
symantecghost_solution_suite
3.1:maintenance_pack2
symantecghost_solution_suite
3.1:maintenance_pack3
symantecit_management_suite
7.6
symantecit_management_suite
8.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/94279
http://www.securitytracker.com/id/1037302
https://support.symantec.com/us/en/article.symsa1385.html
http://www.securityfocus.com/bid/94279
http://www.securitytracker.com/id/1037302
https://support.symantec.com/us/en/article.symsa1385.html