Symantec Endpoint Protection Manager authentication bypass

Added: 08/26/2015
CVE: CVE-2015-1486
BID: 76074

Background

Symantec Endpoint Protection, by Symantec Corporation, is an antivirus and personal firewall product designed to be centrally managed in corporate environments by the Symantec Endpoint Protection Manager (SEPM).

Problem

Symantec Endpoint Protection Manager is affected by an authentication bypass vulnerability in the ResetPassword action, as well as an authenticated arbitrary file write vulnerability. By exploiting these two vulnerabilities together, a remote, unauthenticated attacker could upload and execute a file containing arbitrary commands.

Resolution

Apply Symantec Endpoint Protection Manager 12.1-RU6-MP1 or higher.

References

http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150730_00
http://codewhitesec.blogspot.com/2015/07/symantec-endpoint-protection.html

Limitations

Exploit works on Symantec Endpoint Protection 12.1.

Platforms

Windows

Back to exploit index