CVE-2022-37017
Published: 01 December 2022
Summary
CVE-2022-37017 is a high-severity vulnerability with an unspecified weakness type in Broadcom Symantec Endpoint Protection. Its CVSS base score is 7.5 (High).
Operationally, it is ranked in the top 7.8% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
Symantec Endpoint Protection Windows agent versions prior to 14.3 RU6 and 14.3 RU5 Patch 1 contain a Security Control Bypass vulnerability that can allow circumvention of the Client User Interface Password protection and Policy Import/Export Password protection features when those controls are enabled. The issue is tracked as CVE-2022-37017 with a CVSS 3.1 score of 7.5 reflecting network attackability, no required credentials or user interaction, and high integrity impact.
An unauthenticated remote attacker can exploit the flaw to bypass the configured password protections, thereby interfering with protected interface or policy operations on affected endpoints. The narrow scope means only the password-protected functions are directly impacted rather than broader agent functionality.
Broadcom security advisories direct customers to upgrade the Windows agent to 14.3 RU6 or 14.3 RU5 Patch 1 to address the bypass condition. The provided references point to the same Broadcom support notification containing remediation guidance and version mappings.
EPSS remains flat at a peak and current value of 0.0795 with no material increase after disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-39674
Vulnerability details
Symantec Endpoint Protection (Windows) agent, prior to 14.3 RU6/14.3 RU5 Patch 1, may be susceptible to a Security Control Bypass vulnerability, which is a type of issue that can potentially allow a threat actor to circumvent existing security controls. This CVE applies narrowly to the Client User Interface Password protection and Policy Import/Export Password protection, if it has been enabled.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.