CVE-2020-5835: 
Symantec Endpoint Management vulnerability analysis and mitigation

Symantec Endpoint Protection Manager (SEPM), prior to version 14.3, contains a race condition vulnerability identified as CVE-2020-5835. The vulnerability was discovered by Ilias Dimopoulos of RedyOps Research Labs and was publicly disclosed on May 11, 2020. This security flaw affects the client remote deployment functionality of SEPM (Broadcom Advisory).

The vulnerability is classified as a race condition in the client remote deployment functionality. It has been assigned a CVSS v3.1 base score of 7.0 (HIGH) with the vector string CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H. The vulnerability is categorized under CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization (NVD Database).

If successfully exploited, this vulnerability can lead to elevation of privilege on the remote machine. The high CVSS score indicates potential severe impacts on confidentiality, integrity, and availability of the affected systems (Broadcom Advisory).

The vulnerability has been fixed in Symantec Endpoint Protection Manager version 14.3. Broadcom recommends upgrading to this version to address the issue. Additional recommended security measures include restricting access to administrative systems to authorized privileged users, restricting remote access to trusted systems only, running under the principle of least privilege, and keeping all operating systems and applications current with vendor patches (Broadcom Advisory).