Symantec Security Update
Symantec Endpoint Protection, Data Center Security and Cloud Workload Protection Security Update
Summary
Symantec – A Division of Broadcom has released updates to address issues that were discovered in the Symantec Endpoint Protection Manager (SEPM), Symantec Endpoint Protection (SEP), Data Center Security (DCS) and Cloud Workload Protection (CWP) products.
Affected Product(s)
Symantec Endpoint Protection Manager (SEPM) |
||
CVE |
Affected Version(s) |
Remediation |
CVE-2020-12596 |
Prior to 14.3 RU2 |
Upgrade to 14.3 RU2 |
Symantec Endpoint Protection (SEP) Windows Client |
||
CVE |
Affected Version(s) |
Remediation |
CVE-2020-12597 |
Prior to 14.3 RU1 MP1 |
Upgrade to 14.3 RU1 MP1 (or later)
**Note: This issue only impacts SEP if it is managed by ICDm or has connected to an ICDm-connected SEPM |
Data Center Security (DCS) Windows Agent |
||
CVE |
Affected Version(s) |
Remediation |
CVE-2020-12597 |
Prior to 6.9.1 |
Upgrade to 6.9.1 **Note: This issue only impacts DCS Agent if Intrusion Prevention is enabled. Prevention policy enforcement mitigates the issue. |
Cloud Workload Protection (CWP) Windows Client |
||
CVE |
Affected Version(s) |
Remediation |
CVE-2020-12597 |
Prior to 1.6.1 |
Upgrade to 1.6.1 |
Issue Details
CVE-2020-12596 |
|
Severity / CVSS v3.x: |
Medium / 5.5 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
References: |
NVD: CVE-2020-12596 |
Impact: |
HTTPS GET parameters include tokens |
Description: |
Session tokens in GET requests may be exposed which could potentially lead to values being logged. |
CVE-2020-12597 |
|
Severity / CVSS v3.x: |
High / 7.3 AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H |
References: |
NVD: CVE-2020-12597 |
Impact: |
Unhandled Exception |
Description: |
An unhandled exception in a common driver may result in a denial of service issue. |
Mitigation
The following product updates have been released to remediate these issues:
- SEPM 14.3 RU2
- SEP Windows Client 14.3 RU1 MP1 (or later)
- DCS Windows Agent 6.9.1
- CWP Windows Client 1.6.1
In addition, Symantec has released blocking and detection signatures for further protection:
- ISB.Heuristic!gen49
Acknowledgements
- CVE-2020-12596: Krzysztof Przybylski https://www.linkedin.com/in/perfect/
- CVE-2020-12597: Michael Garrison State Farm Information Security @p0shkatz