CVE-2025-13918 | THREATINT

Description

Symantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.

PUBLISHED Reserved 2025-12-02 | Published 2026-01-28 | Updated 2026-01-29 | Assigner symantec

MEDIUM: 6.7CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Problem types

CWE-269 Improper Privilege Management

Product status

Default status

unaffected

14.3.12154.10000

affected

14.3.12167.10000

unaffected

Credits

Sandro Poppi finder

References

support.broadcom.com/...l/content/SecurityAdvisories/0/36774 vendor-advisory

cve.org (CVE-2025-13918)

nvd.nist.gov (CVE-2025-13918)

Download JSON