CVE-2018-5240 – Symantec Management Agent (Altiris) Privilege Escalation

In case you missed it, I found a zero day vulnerability in Altiris which allows a low level user to elevate privileges to SYSTEM on any host governed by Altiris.

For more information on the vulnerability check out the Nettitude labs post below.

https://labs.nettitude.com/blog/cve-2018-5240-symantec-management-agent-altiris-privilege-escalation/

Symantec have released some notes on the vulnerability here:

https://support.symantec.com/en_US/article.SYMSA1456.html

Leave a comment

Your email address will not be published. Required fields are marked *