CVE-2011-3479

Symantec pcAnywhere <12.5.3 - Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-3479. PoCs published by Edward Torkington.

AI-analyzed exploit summary This is a writeup describing a local privilege escalation vulnerability in Symantec pcAnywhere due to insecure file permissions on key executables. The vulnerability allows any user to overwrite critical binaries, leading to privilege escalation when executed by an admin or SYSTEM.

Description

Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), uses world-writable permissions for product-installation files, which allows local users to gain privileges by modifying a file.

Exploits (1)

exploitdb WRITEUP
by Edward Torkington · textlocalwindows
https://www.exploit-db.com/exploits/18823

This is a writeup describing a local privilege escalation vulnerability in Symantec pcAnywhere due to insecure file permissions on key executables. The vulnerability allows any user to overwrite critical binaries, leading to privilege escalation when executed by an admin or SYSTEM.

Classification
Writeup 100%
Attack Type
Lpe
Complexity
Trivial
Reliability
Reliable
Target: Symantec pcAnywhere 12.5.x, 12.6.x
No auth needed
Prerequisites: Local access to the system · Presence of Symantec pcAnywhere with vulnerable file permissions
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/48092
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/51593

Scores

EPSS 0.0106
EPSS Percentile 60.5%

Details

CWE
CWE-264
Status published
Products (4)
symantec/pcanywhere 12.5 (4 CPE variants)
symantec/pcanywhere 12.5.539
symantec/pcanywhere 12.6.65 (2 CPE variants)
symantec/pcanywhere 12.6.7580
Published Jan 25, 2012
Tracked Since Feb 18, 2026