Symantec.Common.Base.Agent.CreateProcess.Code.Execution

description-logoDescription

This indicates a possible attack towards a command execution vulnerability in the Intel LANDesk Common Base Agent, in Symantec Alert Management System 2, which is used in multiple Symantec products.
The vulnerability is due to the software's inability to properly handle malformed user supplied input. A remote attacker may exploit this to execute arbitrary code.

affected-products-logoAffected Products

Symantec AntiVirus Corporate Edition 9.0 MR6 and earlier Update to SAV 9.0 MR7
Symantec Client Security 2.0 MR6 and earlier Update to SCS 2.0 MR7
Symantec Endpoint Protection 11.0 MR2 and earlier Update to SEP 11.0 MR3

Impact logoImpact

System compromise

recomended-action-logoRecommended Actions

Please refer to the vendor's advisory for the latest updates or patches:

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2019-03-28 14.582 Sig Added