CVE-2020-5828: 
Symantec Endpoint Management vulnerability analysis and mitigation

CVE-2020-5828 is an out of bounds vulnerability affecting Symantec Endpoint Protection Manager (SEPM) versions prior to 14.2 RU2 MP1. The vulnerability was discovered and reported by KPC of Trend Micro Zero Day Initiative and publicly disclosed on March 3, 2020. This vulnerability has been assigned a CVSS v3 score of 3.3 (Low severity) with the vector AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N (Broadcom Support).

The vulnerability is an out of bounds issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program. The vulnerability requires local access and low privileges to exploit. The CVSS metrics indicate Local access vector, Low attack complexity, Low privileges required, No user interaction needed, Unchanged scope, Low confidentiality impact, and No impact to integrity or availability (Broadcom Support).

If exploited, this vulnerability could allow an attacker to read memory outside the allocated bounds, potentially exposing sensitive information with Low confidentiality impact. There is no impact to system integrity or availability (Broadcom Support).

Symantec released an update (14.2 RU2 MP1) to address this vulnerability. The recommended mitigation is to upgrade SEPM to version 14.2 RU2 MP1. Additional recommended security measures include restricting access to administrative systems to authorized privileged users, restricting remote access to trusted systems only, running under the principle of least privilege, keeping all systems current with vendor patches, and implementing a multi-layered security approach (Broadcom Support).