First published: Thu Nov 29 2018(Updated: )
Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 & 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 & SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) prior to 22.15.1 may be susceptible to an AV bypass issue, which is a type of exploit that works to circumvent one of the virus detection engines to avoid a specific type of virus protection. One of the antivirus engines depends on a signature pattern from a database to identify malicious files and viruses; the antivirus bypass exploit looks to alter the file being scanned so it is not detected.
Credit: secure@symantec.com
Affected Software | Affected Version | How to fix |
---|---|---|
Symantec Endpoint Protection | >=11.0<12.1.7454.7000 | |
Symantec Endpoint Protection | >=14.0<=14.2 | |
Symantec Endpoint Protection Cloud | <22.15.1 | |
Symantec Norton AntiVirus | <22.15 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2018-12239 is medium with a severity value of 6.8.
Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 & 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 & SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) prior to 22.15.1 are affected.
CVE-2018-12239 can be exploited by an AV bypass.
Yes, you can refer to the following links for more information: - [SecurityFocus](http://www.securityfocus.com/bid/105918) - [Symantec Support](https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1468.html)