CVE-2025-3599 | THREATINT

Description

Symantec Endpoint Protection Windows Agent, running an ERASER Engine prior to 119.1.7.8, may be susceptible to an Elevation of Privilege vulnerability, which may allow an attacker to delete resources that are normally protected from an application or user.

PUBLISHED Reserved 2025-04-14 | Published 2025-04-30 | Updated 2025-04-30 | Assigner symantec

MEDIUM: 6.5CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Problem types

CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition

Product status

Default status

unaffected

119.1.7.8

unaffected

References

support.broadcom.com/...l/content/SecurityAdvisories/0/25659

cve.org (CVE-2025-3599)

nvd.nist.gov (CVE-2025-3599)

Download JSON