CVE-2018-18366 vulnerability in Symantec Products
Published on April 25, 2019
Symantec Norton Security prior to 22.16.3, SEP (Windows client) prior to and including 12.1 RU6 MP9, and prior to 14.2 RU1, SEP SBE prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22, SEP-12.1.7484.7002 and SEP Cloud prior to 22.16.3 may be susceptible to a kernel memory disclosure, which is a type of issue where a specially crafted IRP request can cause the driver to return uninitialized memory.
Products Associated with CVE-2018-18366
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2018-18366 are published in these products:
Affected Versions
Symantec Corporation Norton Security:- Version Prior to 22.16.3 is affected.
- Version Prior to and including 12.1 RU6 MP9 is affected.
- Version Prior to 14.2 RU1 is affected.
- Version Prior to Cloud Agent 3.00.31.2817 is affected.
- Version NIS-22.15.2.22 is affected.
- Version SEP-12.1.7484.7002 is affected.
- Version Prior to 22.16.3 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.