Initial Publication Date: Advisory Status: Advisory Severity: CVSS Base Score:Legacy ID
31 Aug 2017 Closed High CVSS v2: 7.2 SA152
The ProxyClient application for Windows is susceptible to a privilege escalation vulnerability. A malicious local Windows user can, under certain circumstances, exploit this vulnerability to escalate their privileges on the system and execute arbitrary code with LocalSystem privileges.
3.4 for Windows
Upgrade to latest version of Unified Agent.
Additional Product Information
The Symantec ProxyClient application provides acceleration and web filtering functionality for mobile and remote users on Windows, Mac, and Linux platforms. ProxyClient works with the Symantec ProxySG appliance, which can act as a secure web gateway or provide WAN traffic optimization. ProxyClient also provides CIFS share optimization and web filtering capabilities on the local system.
ProxyClient has been obsoleted by Unified Agent. Symantec recommends that ProxyClient customers transition to the latest version of Unified Agent to get the latest functionality and vulnerability fixes. ProxyClient customers can also contact Symantec Support for workaround instructions.