CVE-2025-13918 Symantec — Exploit & Vulnerability Details MEDIUM

CVE-2025-13918

MEDIUM CVSS 3.1: 6.7 EPSS 0.01%

Parameter	Value
CVSS	6.7 (MEDIUM)
Affected Versions	before 14.3
Type	CWE-269 (Improper Privilege Management)
Vendor	Symantec
Public PoC	No

Symantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.

Attack Parameters

Attack Vector

Local

Requires local access

Attack Complexity

Low

Easy to exploit

Privileges Required

High

Admin privileges needed

User Interaction

None

No user interaction needed

Impact Assessment

Confidentiality

High

Complete data leak

Integrity

High

Complete data modification

Availability

High

Complete denial of service

CVSS Vector v3.1

Weakness Type (CWE)

CWE-269 Improper Privilege Management

References 1

https://support.broadcom.com/web/ecx/support-content-notification/-/external/co…

secure@symantec.com

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-3991

Symantec

7.8

CVE-2025-13919

Symantec

4.4

CVE-2025-0893

Symantec

7.8

Menu

CVE-2025-13918

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-3991

CVE-2025-13919

CVE-2025-0893

CVE Details

Editor's Choice

Menu

CVE-2025-13918

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-3991

CVE-2025-13919

CVE-2025-0893

CVE Details

Editor's Choice

Stay informed on cybersecurity