Symantec%20Endpoint%20Protection%20Windows%20Client

Symantec Endpoint Protection Windows Client

Source -

CNA

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

2Vulnerabilities found

CVE-2025-13919

Assigner-Symantec - A Division of Broadcom

View Details

Assigner-Symantec - A Division of Broadcom

CVSS Score-4.4||MEDIUM

EPSS-0.01% / 2.55%

7 Day CHG~0.00%

Published-28 Jan, 2026 | 16:41

Updated-30 Jan, 2026 | 08:16

Component Object Model (COM) Hijacking in Symantec Endpoint Protection Windows Client

Symantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be susceptible to a COM Hijacking vulnerability, which is a type of issue whereby an attacker attempts to establish persistence and evade detection by hijacking COM references in the Windows Registry.

Vendor-Broadcom Inc.

Product-Symantec Endpoint Protection Windows Client

CWE ID-CWE-427

Uncontrolled Search Path Element

CVE-2025-13918

Assigner-Symantec - A Division of Broadcom

View Details

Assigner-Symantec - A Division of Broadcom

CVSS Score-6.7||MEDIUM

EPSS-0.01% / 0.34%

7 Day CHG~0.00%

Published-28 Jan, 2026 | 16:35

Updated-29 Jan, 2026 | 16:31

Elevation of Privileges in Symantec Endpoint Protection Windows Client

Symantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.

Vendor-Broadcom Inc.

Product-Symantec Endpoint Protection Windows Client

CWE ID-CWE-269

Improper Privilege Management