Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-3599

Symantec Endpoint Protection Windows Agent, running an ERASER Engine prior to 119.1.7.8, may be susceptible to an Elevation of Privilege vulnerability, which may allow an attacker to delete resources that are normally protected from an application or user.

Published

2025-04-30T17:15:50.760

Last Modified

2025-08-21T17:32:34.193

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

Weaknesses

Type: Secondary
CWE-367
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	broadcom	symantec_eraser_engine	< 119.1.7.8	Yes
Application	broadcom	symantec_endpoint_protection	-	No

References

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25659 Vendor Advisory ([email protected])