CVE-2013-1612

Symantec Endpoint Protection Manager - Memory Corruption

Title source: rule
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-1612. PoCs published by st3n.

AI-analyzed exploit summary This exploit targets a SEH overflow vulnerability in Symantec Endpoint Protection Manager 12.1.x by sending a maliciously crafted HTTP POST request. It overwrites the EIP register with a controlled pattern to demonstrate the vulnerability.

Description

Buffer overflow in secars.dll in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1.x before 12.1.3, and Symantec Endpoint Protection Center (SPC) Small Business Edition 12.0.x, allows remote attackers to execute arbitrary code via unspecified vectors.

Exploits (1)

exploitdb WORKING POC
by st3n · perldoswindows
https://www.exploit-db.com/exploits/33056

This exploit targets a SEH overflow vulnerability in Symantec Endpoint Protection Manager 12.1.x by sending a maliciously crafted HTTP POST request. It overwrites the EIP register with a controlled pattern to demonstrate the vulnerability.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Symantec Endpoint Protection Manager 12.1.0 - 12.1.2
No auth needed
Prerequisites: Network access to the target SEPM server · Valid KCS key for traffic obfuscation
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/60542

Scores

EPSS 0.0270
EPSS Percentile 86.3%

Details

CWE
CWE-119
Status published
Products (5)
symantec/endpoint_protection_center 12.0.0
symantec/endpoint_protection_center 12.0.1
symantec/endpoint_protection_manager 12.1.0
symantec/endpoint_protection_manager 12.1.1
symantec/endpoint_protection_manager 12.1.2
Published Jun 20, 2013
Tracked Since Feb 18, 2026