CVE-2013-5014

EXPLOITED

Symantec Endpoint Protection Manager - XXE

Title source: rule

Description

The management console in Symantec Endpoint Protection Manager (SEPM) 11.0 before 11.0.7405.1424 and 12.1 before 12.1.4023.4080, and Symantec Protection Center Small Business Edition 12.x before 12.1.4023.4080, allows remote attackers to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · ruby · remote · windows
https://www.exploit-db.com/exploits/31917
exploitdb WORKING POC VERIFIED
by Chris Graham · python · remote · windows
https://www.exploit-db.com/exploits/31853
metasploit WORKING POC EXCELLENT
by Stefan Viehbock, Chris Graham · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/antivirus/symantec_endpoint_manager_rce.rb

Scores

EPSS 0.8620
EPSS Percentile 99.4%

Details

VulnCheck KEV 2014-07-11
Status published
Products (6)
symantec/endpoint_protection_manager 11.0
symantec/endpoint_protection_manager 12.1.0
symantec/endpoint_protection_manager 12.1.1
symantec/endpoint_protection_manager 12.1.2
symantec/endpoint_protection_manager 12.1.3
symantec/protection_center 12.0
Published Feb 14, 2014
Tracked Since Feb 18, 2026