CVE-2020-5826: 
Symantec Endpoint Protection vulnerability analysis and mitigation

Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to versions 14.2 RU2 MP1 and 14.2.5569.2100 respectively, were found to contain an out of bounds vulnerability. This vulnerability was discovered and reported by security researcher Z0mb1E working with Trend Micro Zero Day Initiative, and was officially documented as CVE-2020-5826 in February 2020 (Broadcom Support).

The vulnerability is classified as an out of bounds issue that results in an application reading memory outside the bounds of the memory allocated to the program. It received a CVSS v3.1 score of 5.5 (Medium severity) with the following vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (Broadcom Support).

The vulnerability could potentially lead to memory access issues in the affected systems, though the specific impact is limited as indicated by the CVSS score which shows no impact on confidentiality or integrity, but a high impact on availability (Broadcom Support).

The vulnerability was addressed through the release of SEP 14.2 RU2 MP1 (14.2.5569.2100) and SEP SBE 14.2 RU2 MP1 (14.2.5569.2100). Additionally, a refresh of 14.2 RU2 (14.2.5334.2000) was released on February 10, 2020, available upon request from Symantec Technical Support (Broadcom Support).