Skip to main content

Symantec Encryption Desktop Local Privilege Escalation

A vulnerability in the kernel driver, PGPwded.sys, allows an attacker to attain arbitrary hard disk read and write access at sector level, and subsequently infect the target and gain low level persistence
Threat ID:
CC-1859
Category:
Exploit
Threat Severity:
Low
Threat Vector:
Published:
14 December 2017 12:00 AM
Report a cyber attack: call 0300 303 5222 or email [email protected]

This content has been archived

This article no longer conforms to NHS Digital's standards for cyber alerts, and may contain outdated or inaccurate information. Use of this information contained in this page is at your own risk

Summary

A vulnerability in the kernel driver, PGPwded.sys, allows an attacker to attain arbitrary hard disk read and write access at sector level, and subsequently infect the target and gain low level persistence

Threat details

Remediation steps

Type Step
Users and administrators are encouraged to upgrade to Symantec Encryption Desktop suite version 10.4.1 MP2HF1 or Symantec Endpoint Encryption version v11.1.3 MP1

Last edited: 17 February 2020 11:39 am