CVE-2025-13918

MEDIUM 6.7

Elevation of Privileges in Symantec Endpoint Protection Windows Client

CVSS Score

6.7

EPSS Score

0.0%

EPSS Percentile

0th

Symantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.

CWE	CWE-269
Vendor	broadcom
Product	symantec endpoint protection windows client
Ecosystems	Virtualization Networking
Industries	Technology
Published	Jan 28, 2026
Last Updated	Feb 26, 2026

Stay Ahead of the Next One

Get instant alerts for broadcom symantec endpoint protection windows client

Be the first to know when new medium vulnerabilities affecting broadcom symantec endpoint protection windows client are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

Broadcom / Symantec Endpoint Protection Windows Client

14.3.12154.10000

References

NVD ↗ CVE.org ↗ EPSS Data ↗

support.broadcom.com: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36774

Credits

Sandro Poppi