CVE-2022-37017

EIP tracks 1 public exploit for CVE-2022-37017. PoCs published by apeppels.

AI-analyzed exploit summary This repository contains a functional Python script that patches the Symantec Endpoint Protection (SEP) client binary to bypass the UI password authentication by modifying a conditional jump instruction. The exploit leverages a memory patching technique to reverse the logic of a password check, allowing arbitrary passwords to be accepted.

Symantec Endpoint Protection (Windows) agent, prior to 14.3 RU6/14.3 RU5 Patch 1, may be susceptible to a Security Control Bypass vulnerability, which is a type of issue that can potentially allow a threat actor to circumvent existing security controls. This CVE applies narrowly to the Client User Interface Password protection and Policy Import/Export Password protection, if it has been enabled.