Symantec DLP Windows EP EoP before 25.1
CVE-2026-3991 Published on March 30, 2026
Elevation of Privileges in Symantec Data Loss Prevention Windows Endpoint
Symantec Data Loss Prevention Windows Endpoint, prior to 25.1 MP1, 16.1 MP2, 16.0 RU2 HF9, 16.0 RU1 MP1 HF12, and 16.0 MP2 HF15, may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
Vulnerability Analysis
CVE-2026-3991 can be exploited with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.
Weakness Type
Inclusion of Functionality from Untrusted Control Sphere
The software imports, requires, or includes executable functionality (such as a library) from a source that is outside of the intended control sphere.
Affected Versions
Broadcom Data Loss Prevention:- Version 25.1.00100.60229 is unaffected.
- Version 16.1.00200.60431 is unaffected.
- Version 16.0.20009.60689 is unaffected.
- Version 16.0.10112.60928 is unaffected.
- Version 16.0.00215.62094 is unaffected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.