CyberSec.Space Logo
Back to CVE Browser

CVE-2016-6590

HIGH
7.8
CVSS Severity Score
EPSS Score0.1470%
EPSS Percentile11.23th
PublishedJan 8, 2020
Last ModifiedNov 21, 2024

Vulnerability Description

A privilege escalation vulnerability exists when loading DLLs during boot up and reboot in Symantec IT Management Suite 8.0 prior to 8.0 HF4 and Suite 7.6 prior to 7.6 HF7, Symantec Ghost Solution Suite 3.1 prior to 3.1 MP4, Symantec Endpoint Virtualization 7.x prior to 7.6 HF7, and Symantec Encryption Desktop 10.x prior to 10.4.1, which could let a local malicious user execute arbitrary code.

Affected Platforms (CPE)

πŸ“¦
Symantec

Encryption Desktop

>= 10.0.0 and < 10.4.1
πŸ“¦
Symantec

Endpoint Encryption

>= 7.0 and < 7.6
πŸ“¦
Symantec

Endpoint Encryption

= 7.6
πŸ“¦
Symantec

Ghost Solution Suite

= 3.1
πŸ“¦
Symantec

Ghost Solution Suite

= 3.1
πŸ“¦
Symantec

Ghost Solution Suite

= 3.1
πŸ“¦
Symantec

Ghost Solution Suite

= 3.1
πŸ“¦
Symantec

It Management Suite

= 7.6
πŸ“¦
Symantec

It Management Suite

= 8.0

References & Advisories

πŸ”— http://www.securityfocus.com/bid/94279
πŸ”— http://www.securitytracker.com/id/1037302
πŸ”— https://support.symantec.com/us/en/article.symsa1385.html
πŸ”— http://www.securityfocus.com/bid/94279
πŸ”— http://www.securitytracker.com/id/1037302
πŸ”— https://support.symantec.com/us/en/article.symsa1385.html

Related Vulnerabilities

CVE-2020-696610.0

In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Ver...

CVE-2014-48619.8

The Remote Desktop Launcher in Thycotic Secret Server before 8.6.000010 does not properly cleanup a temporary file that contains a...

CVE-2021-440299.8

An issue was discovered in Quest KACE Desktop Authority before 11.2. This vulnerability allows attackers to execute remote code th...

CVE-2021-420018.0

PingID Desktop prior to 1.7.3 has a misconfiguration in the encryption libraries which can lead to sensitive data exposure. An att...