CVE-2020-5826 : Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Busine

Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.

Published 2020-02-11 18:15:17

Updated 2021-07-21 11:39:24

Source Symantec Corporation

View at NVD, CVE.org

Products affected by CVE-2020-5826

Symantec » Endpoint Protection » Version: 11.0
cpe:2.3:a:symantec:endpoint_protection:11.0:-:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 11.0 Update RU5
cpe:2.3:a:symantec:endpoint_protection:11.0:ru5:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 11.0 Update RU6
cpe:2.3:a:symantec:endpoint_protection:11.0:ru6:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 11.0 Update Ru6a
cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 11.0 Update MR1
cpe:2.3:a:symantec:endpoint_protection:11.0:mr1:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 11.0 Update MR2
cpe:2.3:a:symantec:endpoint_protection:11.0:mr2:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 11.0 Update MR3
cpe:2.3:a:symantec:endpoint_protection:11.0:mr3:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 11.0 Update MR4
cpe:2.3:a:symantec:endpoint_protection:11.0:mr4:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 11.0 Update Mr4-mp1a
cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp1a:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 11.0 Update Mr4-mp2
cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp2:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 11.0 Update Ru6-mp1
cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp1:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 11.0 Update Ru6-mp2
cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp2:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 11.0 Update Ru6-mp3
cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp3:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 11.0 Update RU7
cpe:2.3:a:symantec:endpoint_protection:11.0:ru7:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 11.0 Update Ru7-mp1
cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp1:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 11.0 Update Ru7-mp2
cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp2:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 11.0 Update Ru7-mp3
cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp3:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 11.0 Update Ru7-mp4
cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 11.0 Update Ru7-mp4a
cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4a:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1
cpe:2.3:a:symantec:endpoint_protection:12.1:-:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update RU1
cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update Ru1-p1
cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-p1:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update RU2
cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update Ru2-mp1
cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update RU3
cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update RU4
cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update Ru4-mp1
cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update Ru4-mp1a
cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update Ru4-mp1b
cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update Ru4a
cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update RU5
cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update RU6
cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update Ru6-mp1
cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp1:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update Ru6-mp2
cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp2:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update Ru6-mp3
cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp3:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update Ru6-mp4
cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp4:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update Ru6-mp5
cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp5:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update Ru6-mp6
cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp6:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update Ru6-mp7
cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp7:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update Ru6-mp8
cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp8:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update Ru6-mp9
cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp9:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 14.0.0
cpe:2.3:a:symantec:endpoint_protection:14.0.0:-:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 14.0.0 Update MP1
cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp1:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 14.0.0 Update MP2
cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp2:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 14.0.1
cpe:2.3:a:symantec:endpoint_protection:14.0.1:-:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 14.0.1 Update MP1
cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp1:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 14.0.1 Update MP2
cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp2:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 14.2
cpe:2.3:a:symantec:endpoint_protection:14.2:-:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 14.2 Update MP1
cpe:2.3:a:symantec:endpoint_protection:14.2:mp1:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 14.2 Update RU1
cpe:2.3:a:symantec:endpoint_protection:14.2:ru1:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 14.2 Update Ru1 Mp1
cpe:2.3:a:symantec:endpoint_protection:14.2:ru1_mp1:*:*:*:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.0 Update RTM Small Business Edition
cpe:2.3:a:symantec:endpoint_protection:12.0:rtm:*:*:small_business:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.0 Update RU1 Small Business Edition
cpe:2.3:a:symantec:endpoint_protection:12.0:ru1:*:*:small_business:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Small Business Edition
cpe:2.3:a:symantec:endpoint_protection:12.1:-:*:*:small_business:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update RU1 Small Business Edition
cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:small_business:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update Ru1-mp1 Small Business Edition
cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-mp1:*:*:small_business:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update RU2 Small Business Edition
cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:small_business:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update Ru2-mp1 Small Business Edition
cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:small_business:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update RU3 Small Business Edition
cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:small_business:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update RU4 Small Business Edition
cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:small_business:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update Ru4-mp1 Small Business Edition
cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:small_business:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update Ru4-mp1a Small Business Edition
cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:small_business:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update Ru4-mp1b Small Business Edition
cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:small_business:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update Ru4a Small Business Edition
cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:small_business:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update RU5 Small Business Edition
cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:small_business:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update RU6 Small Business Edition
cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:small_business:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update Ru6 Mp1 Small Business Edition
cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp1:*:*:small_business:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update Ru6 Mp10 Small Business Edition
cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp10:*:*:small_business:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update Ru6 Mp2 Small Business Edition
cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp2:*:*:small_business:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update Ru6 Mp3 Small Business Edition
cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp3:*:*:small_business:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update Ru6 Mp4 Small Business Edition
cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp4:*:*:small_business:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update Ru6 Mp5 Small Business Edition
cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp5:*:*:small_business:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update Ru6 Mp6 Small Business Edition
cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp6:*:*:small_business:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update Ru6 Mp7 Small Business Edition
cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp7:*:*:small_business:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update Ru6 Mp8 Small Business Edition
cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp8:*:*:small_business:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 12.1 Update Ru6 Mp9 Small Business Edition
cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp9:*:*:small_business:*:*:*
Matching versions
Symantec » Endpoint Protection » Version: 14.2 Update RU2
cpe:2.3:a:symantec:endpoint_protection:14.2:ru2:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2020-5826

EPSS FAQ

0.06%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 17 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2020-5826

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
2.1	LOW	AV:L/AC:L/Au:N/C:N/I:N/A:P	3.9	2.9	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial
5.5	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H	1.8	3.6	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2020-5826

CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2020-5826

https://support.symantec.com/us/en/article.SYMSA1505.html

Symantec Endpoint Protection Multiple Issues
Vendor Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2020-5826

Products affected by CVE-2020-5826

Exploit prediction scoring system (EPSS) score for CVE-2020-5826

CVSS scores for CVE-2020-5826

CWE ids for CVE-2020-5826

References for CVE-2020-5826