CVE-2013-5014
CVE-2013-5014
Vexday Risk Score
72High priority
SSVC decision (CISA)
Act
Exploitation + impact → act immediately
Exploit maturity
Functional exploit
Automatable exploit available (Nuclei/Metasploit).
CVSS —EPSS 67.6%KEV nãoPoC públicaNuclei —Metasploit simPatch —
Lifecycle
14 Feb 2014Published on NVD
23 Feb 2014Public PoC
24 Feb 2014Metasploit module available
Weaponization speed
9 daysto first PoC
10 daysto Metasploit module
Weaponized quickly — attackers prioritized this vulnerability. Patch urgently.
Recommendation: Patch as soon as possible — active exploitation confirmed.
The management console in Symantec Endpoint Protection Manager (SEPM) 11.0 before 11.0.7405.1424 and 12.1 before 12.1.4023.4080, and Symantec Protection Center Small Business Edition 12.x before 12.1.4023.4080, allows remote attackers to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
Affected products
n/a · n/apublic PoCs found — 4
cve_referencewww.exploit-db.com/exploits/31853unverifiedcve_referencewww.exploit-db.com/exploits/31917unverifiedexploitdbwww.exploit-db.com/exploits/31917unverifiedexploitdbwww.exploit-db.com/exploits/31853unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140218-0_Symantec_Endpoint_Protection_Multiple_critical_vulnerabilities_wo_poc_v10.txthttp://www.exploit-db.com/exploits/31853http://www.exploit-db.com/exploits/31917http://www.securityfocus.com/bid/65466http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140213_00