The ProxyClient application for Windows is susceptible to a privilege escalation vulnerability. A malicious local Windows user can, under certain circumstances, exploit this vulnerability to escalate their privileges on the system and execute arbitrary code with LocalSystem privileges.
CVE |Affected Version(s)|Remediation
CVE-2017-13674 | 3.4 for Windows | Upgrade to latest version of Unified Agent.
ADDITIONAL PRODUCT INFORMATION
The Symantec ProxyClient application provides acceleration and web filtering functionality for mobile and remote users on Windows, Mac, and Linux platforms. ProxyClient works with the Symantec ProxySG appliance, which can act as a secure web gateway or provide WAN traffic optimization. ProxyClient also provides CIFS share optimization and web filtering capabilities on the local system.
ProxyClient has been obsoleted by Unified Agent. Symantec recommends that ProxyClient customers transition to the latest version of Unified Agent to get the latest functionality and vulnerability fixes. ProxyClient customers can also contact Symantec Support for workaround instructions.
Severity / CVSSv2 | High / 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C) References| SecurityFocus: BID 100554 / NVD: CVE-2017-13674 Impact| Privilege escalation Description | A malicious user with access to the local Windows system can, under certain circumstances, escalate their privileges on the system and execute arbitrary code with LocalSystem privileges.
MITIGATION
Please contact Symantec Support for workaround instructions for this vulnerability.
Thanks to Dejan Zelic (<https://dejandayoff.com/>) and Early Warning (<https://earlywarning.com/>) for reporting the vulnerability.
2017-08-31 initial public release