CVE-2013-4679

Symantec Workspace Virtualization <6.4.1953.0 - Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-4679. PoCs published by MJ0011.

AI-analyzed exploit summary This exploit targets a kernel-mode privilege escalation vulnerability in Symantec Workspace Virtualization 6.4.1895.0. It leverages a buffer overflow in the fslx.sys driver's hook function for NtQueryValueKey to execute arbitrary code in kernel mode, ultimately achieving local privilege escalation.

Description

Symantec Workspace Virtualization before 6.x before 6.4.1953.0, when a virtual application layer is configured, allows local users to gain privileges via an application that performs crafted interaction with the operating system.

Exploits (1)

exploitdb WORKING POC
by MJ0011 · clocalwindows
https://www.exploit-db.com/exploits/26950

This exploit targets a kernel-mode privilege escalation vulnerability in Symantec Workspace Virtualization 6.4.1895.0. It leverages a buffer overflow in the fslx.sys driver's hook function for NtQueryValueKey to execute arbitrary code in kernel mode, ultimately achieving local privilege escalation.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: Symantec Workspace Virtualization 6.4.1895.0
No auth needed
Prerequisites: Local access to the target system · Presence of vulnerable Symantec Workspace Virtualization software
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Scores

EPSS 0.0104
EPSS Percentile 59.5%

Details

CWE
CWE-119
Status published
Products (1)
symantec/workspace_virtualization < 6.4.1895.0
Published Aug 05, 2013
Tracked Since Feb 18, 2026