CVE-2018-18366
MEDIUM
Symantec Endpoint Protection - Kernel Memory Disclosure via IRP Request
Title source: llm
Description
Symantec Norton Security prior to 22.16.3, SEP (Windows client) prior to and including 12.1 RU6 MP9, and prior to 14.2 RU1, SEP SBE prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22, SEP-12.1.7484.7002 and SEP Cloud prior to 22.16.3 may be susceptible to a kernel memory disclosure, which is a type of issue where a specially crafted IRP request can cause the driver to return uninitialized memory.
References (2)
Core References
Vendor Advisory (x_refsource_confirm)
https://support.symantec.com/en_US/article.SYMSA1479.html
Third Party Advisory, VDB Entry (vdb-entry, x_refsource_bid)
http://www.securityfocus.com/bid/107994
Scores
CVSS v3: 6.5
EPSS: 0.0009
EPSS Percentile: 24.6%
Attack Vector: LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Details
CWE: CWE-908
Status: published
Products (8)
symantec/endpoint_protection 11.0 (18 CPE variants)
symantec/endpoint_protection 12.1 (22 CPE variants)
symantec/endpoint_protection 14 (2 CPE variants)
symantec/endpoint_protection 14.0.0 mp2
symantec/endpoint_protection 14.0.1 (3 CPE variants)
symantec/endpoint_protection 14.2 (2 CPE variants)
symantec/endpoint_protection nis-22.15.2.22
symantec/endpoint_protection sep-12.1.7484.7002
Published: Apr 25, 2019
Tracked Since: Feb 18, 2026