CVE-2019-12758

Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to an unsigned code execution vulnerability, which may allow an individual to execute code without a resident proper digital signature.

Published: Nov 15, 2019
Updated: Apr 13, 2023
CVE: CVE-2019-12758
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.7
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-427

Affected Software
References

Software	From	Fixed in
symantec / endpoint_protection	14.2-ru1	14.2-ru1.x
symantec / endpoint_protection	-	14.2.x

https://safebreach.com/Post/Symantec-Endpoint-Protection-Self-Defense-Bypass-and-Potential-Usages-CVE-2019-12758
https://support.symantec.com/us/en/article.SYMSA1488.html

Vulnerability Database

289,697

CVE-2019-12758