Support Content Notification - Support Portal

Privilege Escalation in Symantec Management Agent

Product/Component

IT Management Suite

0 more products

Notification Id

20366

Last Updated

31 March 2022

Initial Publication Date

02 March 2022

Status

CLOSED

Severity

HIGH

CVSS Base Score

8.4

WorkAround

Affected CVE

Summary

The Symantec Management Agent is susceptible to a privilege escalation vulnerability. A low privilege local account can be elevated to the SYSTEM level through registry manipulations.

Affected Product(s)

Symantec Management Agent
CVE	Affected Version(s)	Remediation
CVE-2022-25623	8.5 8.6	Please install one of the point fixes available for 8.5 RU4, 8.6 RU1, and 8.6 RU2. See the References section for KB article links.

Issue Details

CVE-2022-25623
Severity / CVSS v3.1:	High / 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
References:	NVD: CVE-2022-25623
Impact:	Privilege escalation
Description:	A low privilege local account can be elevated to the SYSTEM level through registry manipulations.

References

IT Management Suite (ITMS) 8.5 RU4: https://knowledge.broadcom.com/external/article?articleId=198337
IT Management Suite (ITMS) 8.6 RU1: https://knowledge.broadcom.com/external/article?articleId=221269
IT Management Suite (ITMS) 8.6 RU2: https://knowledge.broadcom.com/external/article?articleId=235538

Acknowledgements

CVE-2022-25623: Marius Gabriel Mihai

Revisions

2022-03-31 updated the cvss base score and attack vector (user interaction metric from "Required" to "None")

2022-03-02 initial public release