CVE-2020-5821: 
Symantec Endpoint Protection vulnerability analysis and mitigation

CVE-2020-5821 is a DLL injection vulnerability affecting Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) versions prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively. The vulnerability was discovered in early 2020 and was disclosed by the researcher Z0mb1E (Broadcom Advisory).

The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (High) with the vector AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. It is classified under CWE-74 and allows an individual to execute their own code in place of legitimate code as a means to perform an exploit (NVD).

If successfully exploited, this vulnerability could allow an attacker to execute arbitrary code by injecting malicious DLL files into the application, potentially leading to complete system compromise with the same privileges as the vulnerable application (Broadcom Advisory).

Symantec has released updates to address this vulnerability. Users should upgrade to SEP 14.2 RU2 MP1 (14.2.5569.2100) or SEP SBE 14.2 RU2 MP1 (14.2.5569.2100). Additional recommended measures include restricting access to administrative systems, running under the principle of least privilege, keeping all systems current with vendor patches, and implementing a multi-layered security approach (Broadcom Advisory).