Published on: 21 March 2016
Symantec has published a security advisory to address multiple vulnerabilities found in Symantec Endpoint Protection (SEP). These vulnerabilities are caused by insufficient security checks in SEP Manager (SEPM) and by a problem in how the Application and Device Control component on a SEP client validates external input. A remote attacker could entice a user to access a malicious link or open a malicious document to exploit the vulnerabilities.
A successful attack could lead to bypass of security restrictions, elevation of privileges or arbitrary code execution on an affected system.
Symantec has released a new patch for the product, Symantec Endpoint Protection 12.1 Release Update 6 Maintenance Patch 4, to address the issues. It can be downloaded through Symantec File Connect.
Users of affected systems should follow the recommendations and best practices provided by the product vendor and take immediate action to mitigate the risk.
https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2016&suid=20160317_00
https://support.symantec.com/en_US/article.doc9223.html
https://www.us-cert.gov/ncas/current-activity/2016/03/17/Symantec-Releases-Security-Update
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8152 (to CVE-2015-8154)