Symantec fixes Enterprise Security Manager flaw

Symantec has fixed a flaw in its Enterprise Security Manager (ESM) solution that allows an attacker to take complete control of a PC.

In an advisory released Thursday, Symantec said that all versions of the product are vulnerable to the flaw, which exists in the ESM agent remote upgrade interface.

The program’s agent accepts remote upgrade requests from any entity that understands the upgrade protocol, not verifying that the requests are from a trusted source, as it should, according to the advisory.

A hacker, assuming they have knowledge of the agent’s protocol, can take control of a PC by infecting it with malicious software.

The anti-virus giant was not aware of any exploits in the wild, according to Symantec.

The flaw is exploitable from both remote and local locations, according to a Friday advisory from FrSIRT (the French Security Incident Response Team), which ranked the flaw as "high risk."

Google's Tabua cable to be covered by extended Sydney protection zone

F5 warns breach that alarmed governments will weigh on sales

Australian authorities raid WiseTech over founder's alleged share dealings

Researchers find vulnerabilities in OpenAI's Atlas agentic browser

Gov leans into real-time network outage register

Symantec fixes Enterprise Security Manager flaw

Symantec has fixed a flaw in its Enterprise Security Manager (ESM) solution that allows an attacker to take complete control of a PC.

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

Euro cops take down cybercrime network with 49 million fake accounts

QLD government retires CISO position title

Hidden "Glassworm" malware spreads through infected VS Code extensions

Windows Server Update Services bug exploited in the wild

Most popular tech stories

ASIC's payroll revamp helps it repatriate staff from ATO

IAG bolsters martech stack to drive customer engagement

Jemena builds out finance automation for its month-end processes

Macquarie Bank's digital chief to join Westpac

Mondelez to use gen AI tool to create marketing videos

HamiltonJet partners with digital services provider Fortude

SentinelOne signs distribution agreement with Sektor

Rapid7’s new SIEM combines exposure management with threat detection

The techpartner.news podcast, episode 3: Why security consultancy founder Kat McCrabb started with the hard stuff

Bluechip Infotech enters final stage of Goodson Imports acquisition

Blackberry celebrates "giant step forward"

Photos: Australian industry explores data for net zero

Melbourne reveals its smart city ambitions

Govt launches consumer tech label program for smart devices

'Touch-free' smartphone controlled with head movements

Google's Tabua cable to be covered by extended Sydney protection zone

F5 warns breach that alarmed governments will weigh on sales

Australian authorities raid WiseTech over founder's alleged share dealings

Researchers find vulnerabilities in OpenAI's Atlas agentic browser

Gov leans into real-time network outage register

Symantec fixes Enterprise Security Manager flaw

Symantec has fixed a flaw in its Enterprise Security Manager (ESM) solution that allows an attacker to take complete control of a PC.

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

Euro cops take down cybercrime network with 49 million fake accounts

QLD government retires CISO position title

Hidden "Glassworm" malware spreads through infected VS Code extensions

Windows Server Update Services bug exploited in the wild

Most popular tech stories

ASIC's payroll revamp helps it repatriate staff from ATO

IAG bolsters martech stack to drive customer engagement

Jemena builds out finance automation for its month-end processes

Macquarie Bank's digital chief to join Westpac

Mondelez to use gen AI tool to create marketing videos

HamiltonJet partners with digital services provider Fortude

SentinelOne signs distribution agreement with Sektor

Rapid7’s new SIEM combines exposure management with threat detection

The techpartner.news podcast, episode 3: Why security consultancy founder Kat McCrabb started with the hard stuff

Bluechip Infotech enters final stage of Goodson Imports acquisition

Blackberry celebrates "giant step forward"

Photos: Australian industry explores data for net zero

Melbourne reveals its smart city ambitions

Govt launches consumer tech label program for smart devices

'Touch-free' smartphone controlled with head movements

Log In