Symantec.Endpoint.Protection.arbitrary.file.upload.Execution
Description
This indicates an attack attempt against a arbitrary file upload, and code execution vulnerability in Symantec Endpoint Protection.
The vulnerability is allows remote authenticated users to write to arbitrary files, with vulnerable application. A remote attacker can exploit this to obtain administrator privileges, via a crafted filename.
Affected Products
Symantec Endpoint Protection prior to 12.1-RU6-MP1
Impact
Remote attackers can upload an arbitrary file, and code execution on affecting Symantec Endpoint Protection Manager
Recommended Actions
If required, this signature's action can be set to "Block" to block this operation.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |