CVE-2020-5828

LOW

Symantec Endpoint Protection Manager <14.2 RU2 MP1 - Memory Corruption

Title source: llm

Description

Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.

References (1)

[Vendor Advisory] https://support.symantec.com/us/en/article.SYMSA1505.html

Scores

CVSS v3 3.3

EPSS 0.0007

EPSS Percentile 20.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Classification

CWE

CWE-125

Status published

Affected Products (6)

symantec/endpoint_protection_manager < 14.2

symantec/endpoint_protection_manager

Timeline

Published Feb 11, 2020

Tracked Since Feb 18, 2026