Plattform
broadcom
Komponente
symantec-endpoint-protection-windows-client
Behoben in
14.3 RU10 Patch 1
CVE-2025-13918 is a privilege escalation vulnerability identified in Symantec Endpoint Protection Windows Client. This vulnerability allows an attacker to potentially gain elevated access to resources normally protected by the application. The vulnerability affects versions 14.3.12154.10000 through 14.3.12167.10000. Symantec has released patches to address this issue, recommending users upgrade to 14.3 RU10 Patch 1, RU9 Patch 2, or RU8 Patch 3.
Successful exploitation of CVE-2025-13918 could allow an attacker to bypass security controls and execute code with elevated privileges on a compromised system. This could lead to unauthorized access to sensitive data, modification of system configurations, or even complete control of the endpoint. The impact is particularly concerning in enterprise environments where Symantec Endpoint Protection is deployed to protect critical assets. While the specific attack vector isn't detailed, the potential for privilege escalation suggests a sophisticated attacker could leverage this vulnerability to move laterally within a network and compromise other systems.
CVE-2025-13918 was publicly disclosed on January 28, 2026. The vulnerability's exploitation context is currently unknown; no public proof-of-concept (PoC) code has been released. It is not listed on the CISA KEV catalog at the time of this writing. The Medium CVSS score suggests a moderate likelihood of exploitation if a PoC is developed and becomes publicly available.
Organizations heavily reliant on Symantec Endpoint Protection for endpoint security are at risk. This includes businesses with legacy Symantec Endpoint Protection deployments, those with limited patching cycles, and environments where user privileges are not strictly controlled. Shared hosting environments utilizing older versions of Symantec Endpoint Protection are also particularly vulnerable.
• windows / supply-chain:
Get-Process -Name SymantecEndpointProtection | Select-Object -ExpandProperty Path• windows / supply-chain:
Get-WinEvent -LogName Application -Filter "EventID = 1000 and ProviderName = 'Symantec Endpoint Protection'"• windows / supply-chain:
Get-ItemProperty -Path 'HKLM:\Software\Symantec\SEP\InstallLocation' -Name Versiondisclosure
Exploit-Status
EPSS
0.01% (0% Perzentil)
CISA SSVC
CVSS-Vektor
The primary mitigation for CVE-2025-13918 is to upgrade Symantec Endpoint Protection Windows Client to a patched version. Specifically, upgrade to version 14.3 RU10 Patch 1, RU9 Patch 2, or RU8 Patch 3. If immediate patching is not possible due to compatibility issues or testing requirements, consider implementing temporary workarounds such as restricting user privileges and closely monitoring system activity for suspicious behavior. Review Symantec's security advisory for any specific configuration recommendations. After upgrading, confirm the fix by verifying the version number and checking system logs for any related errors.
Actualice Symantec Endpoint Protection Windows Client a la versión 14.3 RU10 Patch 1, RU9 Patch 2 o RU8 Patch 3, o posterior. Esto solucionará la vulnerabilidad de elevación de privilegios.
Schwachstellenanalysen und kritische Warnungen direkt in deinen Posteingang.
CVE-2025-13918 is a medium-severity privilege escalation vulnerability affecting Symantec Endpoint Protection Windows Client versions 14.3.12154.10000–14.3.12167.10000, allowing potential unauthorized access.
If you are using Symantec Endpoint Protection Windows Client versions 14.3.12154.10000 through 14.3.12167.10000, you are potentially affected by this vulnerability.
Upgrade to Symantec Endpoint Protection Windows Client 14.3 RU10 Patch 1, RU9 Patch 2, or RU8 Patch 3 to remediate the vulnerability.
As of the current disclosure date, there are no confirmed reports of active exploitation, but proactive mitigation is recommended.
Refer to the official Symantec security advisory for detailed information and updates regarding CVE-2025-13918.
Lade deine Abhängigkeitsdatei hoch und erfahre sofort, ob dich diese und andere CVEs treffen.