CVE-2025-13918

MEDIUM

Symantec Endpoint Protection <14.3 RU10 Patch 1-8 - Privilege Escal...

Title source: llm

Description

Symantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.

References (1)

[Various Sources] https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36774

Scores

CVSS v3 6.7

EPSS 0.0001

EPSS Percentile 0.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-269

Status published

Products (2)

Broadcom/Symantec Endpoint Protection Windows Client 14.3.12154.10000

Broadcom/Symantec Endpoint Protection Windows Client 14.3.12167.10000

Published Jan 28, 2026

Tracked Since Feb 18, 2026