Symantec Security Update

Cloud Workload Protection

2 more products

18255

22 June 2021

21 June 2021

CLOSED

(See scores below)


Symantec Endpoint Protection, Data Center Security and Cloud Workload Protection Security Update

 

Summary

Symantec – A Division of Broadcom has released updates to address issues that were discovered in the Symantec Endpoint Protection Manager (SEPM), Symantec Endpoint Protection (SEP), Data Center Security (DCS) and Cloud Workload Protection (CWP) products.

Affected Product(s)                                             

Symantec Endpoint Protection Manager (SEPM)

CVE

Affected Version(s)

Remediation

CVE-2020-12596

Prior to 14.3 RU2

Upgrade to 14.3 RU2

 

Symantec Endpoint Protection (SEP) Windows Client

CVE

Affected Version(s)

Remediation

CVE-2020-12597

Prior to 14.3 RU1 MP1

Upgrade to 14.3 RU1 MP1 (or later)

 

**Note: This issue only impacts SEP if it is managed by ICDm or has connected to an ICDm-connected SEPM

 

Data Center Security (DCS) Windows Agent

CVE

Affected Version(s)

Remediation

CVE-2020-12597

Prior to 6.9.1

Upgrade to 6.9.1

**Note: This issue only impacts DCS Agent if Intrusion Prevention is enabled. Prevention policy enforcement mitigates the issue.

 

Cloud Workload Protection (CWP) Windows Client

CVE

Affected Version(s)

Remediation

CVE-2020-12597

Prior to 1.6.1

Upgrade to 1.6.1

 

Issue Details

CVE-2020-12596

Severity / CVSS v3.x:

Medium / 5.5 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

References:

NVD: CVE-2020-12596

Impact:

HTTPS GET parameters include tokens

Description:

Session tokens in GET requests may be exposed which could potentially lead to values being logged.

 

CVE-2020-12597

Severity / CVSS v3.x:

High / 7.3 AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H

References:

NVD: CVE-2020-12597

Impact:

Unhandled Exception

Description:

An unhandled exception in a common driver may result in a denial of service issue.

Mitigation

The following product updates have been released to remediate these issues:

  • SEPM 14.3 RU2
  • SEP Windows Client 14.3 RU1 MP1 (or later)
  • DCS Windows Agent 6.9.1
  • CWP Windows Client 1.6.1

In addition, Symantec has released blocking and detection signatures for further protection:

  • ISB.Heuristic!gen49

Acknowledgements

  • CVE-2020-12596: Krzysztof Przybylski https://www.linkedin.com/in/perfect/
  • CVE-2020-12597: Michael Garrison State Farm Information Security  @p0shkatz