CVE-2016-6590
First published: Wed Jan 08 2020(Updated: )
A privilege escalation vulnerability exists when loading DLLs during boot up and reboot in Symantec IT Management Suite 8.0 prior to 8.0 HF4 and Suite 7.6 prior to 7.6 HF7, Symantec Ghost Solution Suite 3.1 prior to 3.1 MP4, Symantec Endpoint Virtualization 7.x prior to 7.6 HF7, and Symantec Encryption Desktop 10.x prior to 10.4.1, which could let a local malicious user execute arbitrary code.
Credit: secure@symantec.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Symantec Encryption Desktop | >=10.0.0<10.4.1 | |
| Symantec Endpoint Encryption | >=7.0<7.6 | |
| Symantec Endpoint Encryption | =7.6 | |
| Symantec Ghost Solution Suite | =3.1 | |
| Symantec Ghost Solution Suite | =3.1-maintenance_pack1 | |
| Symantec Ghost Solution Suite | =3.1-maintenance_pack2 | |
| Symantec Ghost Solution Suite | =3.1-maintenance_pack3 | |
| Symantec IT Management Suite | =7.6 | |
| Symantec IT Management Suite | =8.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2016-6590?
CVE-2016-6590 is a privilege escalation vulnerability in Symantec IT Management Suite, Symantec Ghost Solution Suite, Symantec Endpoint Virtualization, and Symantec Encryption Desktop.
How does CVE-2016-6590 affect Symantec IT Management Suite?
CVE-2016-6590 affects Symantec IT Management Suite 8.0 prior to 8.0 HF4 and Suite 7.6 prior to 7.6 HF7.
How does CVE-2016-6590 affect Symantec Ghost Solution Suite?
CVE-2016-6590 affects Symantec Ghost Solution Suite 3.1.
How does CVE-2016-6590 affect Symantec Endpoint Virtualization?
CVE-2016-6590 affects Symantec Endpoint Virtualization 7.x prior to 7.6 HF7.
How does CVE-2016-6590 affect Symantec Encryption Desktop?
CVE-2016-6590 affects Symantec Encryption Desktop 10.0.0 to 10.4.1.
What is the severity of CVE-2016-6590?
The severity of CVE-2016-6590 is high, with a CVSS score of 7.8.
How do I fix CVE-2016-6590 in Symantec IT Management Suite?
To fix CVE-2016-6590 in Symantec IT Management Suite, upgrade to version 8.0 HF4 or 7.6 HF7.
How do I fix CVE-2016-6590 in Symantec Ghost Solution Suite?
To fix CVE-2016-6590 in Symantec Ghost Solution Suite, upgrade to version 3.1 MP4.
How do I fix CVE-2016-6590 in Symantec Endpoint Virtualization?
To fix CVE-2016-6590 in Symantec Endpoint Virtualization, upgrade to version 7.6 HF7.
How do I fix CVE-2016-6590 in Symantec Encryption Desktop?
To fix CVE-2016-6590 in Symantec Encryption Desktop, upgrade to a version higher than 10.4.1.
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/author
- agent/type
- agent/event
- agent/references
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/symantec
- canonical/symantec encryption desktop
- version/symantec encryption desktop/10.0.0
- canonical/symantec endpoint encryption
- version/symantec endpoint encryption/7.0
- version/symantec endpoint encryption/7.6
- canonical/symantec ghost solution suite
- version/symantec ghost solution suite/3.1
- version/symantec ghost solution suite/3.1-maintenance_pack1
- version/symantec ghost solution suite/3.1-maintenance_pack2
- version/symantec ghost solution suite/3.1-maintenance_pack3
- canonical/symantec it management suite
- version/symantec it management suite/7.6
- version/symantec it management suite/8.0