CVE-2020-5839

HIGH

Symantec Endpoint Detection And Response <4.4 - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-5839. PoCs published by nasbench.

AI-analyzed exploit summary The repository provides a technical description of an information disclosure vulnerability in Symantec EDR on-prem versions prior to 4.4.0. It lists specific endpoints that expose sensitive information without requiring authentication.

Description

Symantec Endpoint Detection And Response, prior to 4.4, may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data.

Exploits (1)

nomisec WRITEUP 1 stars
by nasbench · poc
https://github.com/nasbench/CVE-2020-5839

The repository provides a technical description of an information disclosure vulnerability in Symantec EDR on-prem versions prior to 4.4.0. It lists specific endpoints that expose sensitive information without requiring authentication.

Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Symantec EDR on-prem < 4.4.0
No auth needed
Prerequisites: Network access to the target Symantec EDR server
mistral-large-3 · analyzed Feb 18, 2026 Full analysis →

Scores

CVSS v3 7.5
EPSS 0.0201
EPSS Percentile 78.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

Status published
Products (1)
symantec/endpoint_detection_and_response < 4.4
Published Jul 08, 2020
Tracked Since Feb 18, 2026