CVE-2025-3599

Symantec Endpoint Protection Windows Agent, running an ERASER Engine prior to 119.1.7.8, may be susceptible to an Elevation of Privilege vulnerability, which may allow an attacker to delete resources that are normally protected from an application or user.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25659	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:broadcom:symantec_endpoint_protection:*:*:*:*:*:windows:*:*

History

16 May 2025, 16:10

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-04-30 17:15

Updated : 2025-05-16 16:10

NVD link : CVE-2025-3599

Mitre link : CVE-2025-3599

CVE.ORG link : CVE-2025-3599

JSON object : View

Products Affected

broadcom

symantec_endpoint_protection

CWE

CWE-367

Time-of-check Time-of-use (TOCTOU) Race Condition

NVD-CWE-noinfo

{"id": "CVE-2025-3599", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "secure@symantec.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2025-04-30T17:15:50.760", "references": [{"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25659", "tags": ["Vendor Advisory"], "source": "secure@symantec.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "secure@symantec.com", "description": [{"lang": "en", "value": "CWE-367"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Symantec Endpoint Protection Windows Agent, running an ERASER Engine prior to 119.1.7.8, may be susceptible to an Elevation of Privilege vulnerability, which may allow an attacker to delete resources that are normally protected from an application or user."}, {"lang": "es", "value": "Symantec Endpoint Protection Windows Agent, que ejecuta un motor ERASER anterior a 119.1.7.8, puede ser susceptible a una vulnerabilidad de elevaci\u00f3n de privilegios, que puede permitir a un atacante eliminar recursos que normalmente est\u00e1n protegidos de una aplicaci\u00f3n o un usuario."}], "lastModified": "2025-05-16T16:10:31.133", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:broadcom:symantec_endpoint_protection:*:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "105AE9DF-EADC-45B9-A35E-59DF3B79953C", "versionEndExcluding": "119.1.7.8"}], "operator": "OR"}]}], "sourceIdentifier": "secure@symantec.com"}