Vulnerability Details : CVE-2019-9695
Norton Core prior to v278 may be susceptible to an arbitrary code execution issue, which is a type of vulnerability that has the potential of allowing an individual to execute arbitrary commands or code on a target machine or in a target process. Note that this exploit is only possible with direct physical access to the device.
Products affected by CVE-2019-9695
- cpe:2.3:o:symantec:norton_core_firmware:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2019-9695
0.07%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 31 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2019-9695
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST | |
6.8
|
MEDIUM | CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
0.9
|
5.9
|
NIST |
References for CVE-2019-9695
-
http://www.securityfocus.com/bid/107478
Symantec Norton Core CVE-2019-9695 Unspecified Arbitrary Code Execution VulnerabilityThird Party Advisory;VDB Entry
-
https://support.symantec.com/en_US/article.SYMSA1476.html
Norton Core Arbitrary Code ExecutionMitigation;Vendor Advisory
Jump to