Plattform
broadcom
Komponente
symantec-web-security-services-agent
Behoben in
9.8.5
CVE-2025-13917 describes a Privilege Escalation vulnerability discovered in Symantec Web Security Services Agent. This flaw allows an attacker to potentially compromise the application and gain elevated access to system resources. The vulnerability affects versions 9.8.4 and 9.8.5, and a patch is available in version 9.8.5.
Successful exploitation of CVE-2025-13917 could allow an attacker to bypass security controls and gain unauthorized access to sensitive data and system functionalities. An attacker could leverage this privilege escalation to execute arbitrary code with elevated privileges, potentially leading to complete system compromise. The blast radius extends to any data or services accessible by the Symantec Web Security Services Agent, making it a significant risk for organizations relying on this security agent.
CVE-2025-13917 was published on 2026-01-28. As of this date, there are no publicly known proof-of-concept exploits. The EPSS score is pending evaluation. Monitor security advisories and threat intelligence feeds for any updates regarding active exploitation campaigns.
Organizations utilizing Symantec Web Security Services Agent in their environments, particularly those running versions 9.8.4 and 9.8.5, are at risk. This includes businesses relying on the agent for web security filtering and content inspection, especially those with less frequent patching cycles.
• broadcom / server:
ps -ef | grep 'Symantec Web Security Services Agent'• broadcom / server:
journalctl -u 'wssagent'disclosure
Exploit-Status
EPSS
0.01% (3% Perzentil)
CISA SSVC
CVSS-Vektor
The primary mitigation for CVE-2025-13917 is to upgrade to Symantec Web Security Services Agent version 9.8.5 or later. If an immediate upgrade is not feasible, consider implementing stricter access controls and monitoring for suspicious activity related to the agent. While a direct workaround is unavailable, regularly reviewing agent configurations and ensuring least privilege principles are enforced can reduce the potential impact. After upgrade, confirm successful patching by verifying the agent version.
Actualice Symantec Web Security Services Agent a la versión 9.8.5 o posterior. Esta actualización corrige la vulnerabilidad de elevación de privilegios. Consulte el aviso de seguridad de Broadcom para obtener más detalles e instrucciones específicas.
Schwachstellenanalysen und kritische Warnungen direkt in deinen Posteingang.
CVE-2025-13917 is a vulnerability in Symantec Web Security Services Agent allowing attackers to gain elevated privileges. It affects versions 9.8.4 and 9.8.5, potentially compromising system resources.
You are affected if you are running Symantec Web Security Services Agent versions 9.8.4 or 9.8.5. Upgrade to 9.8.5 to eliminate the vulnerability.
Upgrade to version 9.8.5 or later. If immediate upgrade is not possible, implement stricter access controls and monitor for suspicious activity.
As of the publication date, there are no publicly known active exploitation campaigns for CVE-2025-13917. However, continuous monitoring is recommended.
Refer to the Broadcom Security Advisory for CVE-2025-13917 for detailed information and official guidance.
Lade deine Abhängigkeitsdatei hoch und erfahre sofort, ob dich diese und andere CVEs treffen.