Symantec fixes Enterprise Security Manager flaw

Symantec has fixed a flaw in its Enterprise Security Manager (ESM) solution that allows an attacker to take complete control of a PC.

In an advisory released Thursday, Symantec said that all versions of the product are vulnerable to the flaw, which exists in the ESM agent remote upgrade interface.

The program’s agent accepts remote upgrade requests from any entity that understands the upgrade protocol, not verifying that the requests are from a trusted source, as it should, according to the advisory.

A hacker, assuming they have knowledge of the agent’s protocol, can take control of a PC by infecting it with malicious software.

The anti-virus giant was not aware of any exploits in the wild, according to Symantec.

The flaw is exploitable from both remote and local locations, according to a Friday advisory from FrSIRT (the French Security Incident Response Team), which ranked the flaw as "high risk."

REA Group brings conversational AI search to realestate.com.au

Starlink plots phone, more internet services

Telstra says cost trade-offs will follow if spectrum license obligations stick

Bunnings facial recognition privacy breach ruling partially reversed

CBA sets up dedicated AI risk committee for governance

Symantec fixes Enterprise Security Manager flaw

Symantec has fixed a flaw in its Enterprise Security Manager (ESM) solution that allows an attacker to take complete control of a PC.

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

Popular text editor Notepad++ was hacked to drop malware

'Moltbook' social media site for AI agents had big security hole

Bunnings facial recognition privacy breach ruling partially reversed

Global proxy operator IPIDEA denies Google's malicious intent allegations

Most popular tech stories

ANZ deploys Agentforce to supercharge new CRM system

Nissan's A/NZ finance arm embarks on $35m digital transformation

CBA sets up dedicated AI risk committee for governance

Blacktown City Council trials AI for development applications

NSW gov to make AI risk assessments less "subjective"

HamiltonJet partners with digital services provider Fortude

SentinelOne signs distribution agreement with Sektor

Rapid7’s new SIEM combines exposure management with threat detection

The techpartner.news podcast, episode 3: Why security consultancy founder Kat McCrabb started with the hard stuff

Bluechip Infotech enters final stage of Goodson Imports acquisition

Blackberry celebrates "giant step forward"

'Touch-free' smartphone controlled with head movements

Perth IoT vendor Digital Matter names new chief executive

Axis Communications opens experience centre in Sydney tech hub

Govt launches consumer tech label program for smart devices

REA Group brings conversational AI search to realestate.com.au

Starlink plots phone, more internet services

Telstra says cost trade-offs will follow if spectrum license obligations stick

Bunnings facial recognition privacy breach ruling partially reversed

CBA sets up dedicated AI risk committee for governance

Symantec fixes Enterprise Security Manager flaw

Symantec has fixed a flaw in its Enterprise Security Manager (ESM) solution that allows an attacker to take complete control of a PC.

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

Popular text editor Notepad++ was hacked to drop malware

'Moltbook' social media site for AI agents had big security hole

Bunnings facial recognition privacy breach ruling partially reversed

Global proxy operator IPIDEA denies Google's malicious intent allegations

Most popular tech stories

ANZ deploys Agentforce to supercharge new CRM system

Nissan's A/NZ finance arm embarks on $35m digital transformation

CBA sets up dedicated AI risk committee for governance

Blacktown City Council trials AI for development applications

NSW gov to make AI risk assessments less "subjective"

HamiltonJet partners with digital services provider Fortude

SentinelOne signs distribution agreement with Sektor

Rapid7’s new SIEM combines exposure management with threat detection

The techpartner.news podcast, episode 3: Why security consultancy founder Kat McCrabb started with the hard stuff

Bluechip Infotech enters final stage of Goodson Imports acquisition

Blackberry celebrates "giant step forward"

'Touch-free' smartphone controlled with head movements

Perth IoT vendor Digital Matter names new chief executive

Axis Communications opens experience centre in Sydney tech hub

Govt launches consumer tech label program for smart devices

Log In