CVE-2016-5311
First published: Thu Jan 09 2020(Updated: )
A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges.
Credit: secure@symantec.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Symantec Endpoint Protection | <22.8.0.50 | |
| Symantec Endpoint Protection Cloud | <22.8.0.50 | |
| Symantec Norton 360 | <22.7 | |
| Symantec Norton AntiVirus | <22.7 | |
| Symantec Norton Antivirus With Backup | <22.7 | |
| Symantec Norton Family | <22.7 | |
| Symantec Norton Internet Security | <22.7 | |
| Symantec Norton Security | <22.7 | |
| Symantec Norton Security With Backup | <22.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2016-5311?
CVE-2016-5311 is a Privilege Escalation vulnerability that exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client.
How severe is CVE-2016-5311?
CVE-2016-5311 has a severity rating of 7.8 (High).
Which software products are affected by CVE-2016-5311?
CVE-2016-5311 affects Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client.
How can I fix CVE-2016-5311?
To fix CVE-2016-5311, it is recommended to update to a version higher than 22.8.0.50 for Symantec Endpoint Protection, Symantec Endpoint Protection Cloud, Symantec Norton 360, Symantec Norton AntiVirus, Symantec Norton Antivirus With Backup, Symantec Norton Family, Symantec Norton Internet Security, Symantec Norton Security, and Symantec Norton Security With Backup.
Where can I find more information about CVE-2016-5311?
You can find more information about CVE-2016-5311 at the following references: [SecurityFocus](http://www.securityfocus.com/bid/94295) and [SecurityTracker](http://www.securitytracker.com/id/1037323, http://www.securitytracker.com/id/1037324).
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/tags
- agent/type
- agent/event
- agent/description
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/symantec
- canonical/symantec endpoint protection
- canonical/symantec endpoint protection cloud
- canonical/symantec norton 360
- canonical/symantec norton antivirus
- canonical/symantec norton antivirus with backup
- canonical/symantec norton family
- canonical/symantec norton internet security
- canonical/symantec norton security
- canonical/symantec norton security with backup