Description
Symantec Data Loss Prevention Windows Endpoint, prior to 25.1 MP1, 16.1 MP2, 16.0 RU2 HF9, 16.0 RU1 MP1 HF12, and 16.0 MP2 HF15, may be susceptible to an Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
Published: 2026-03-30
Score: 7.8 High
EPSS: n/a
KEV: No
Impact: Privilege Escalation
Action: Apply Patch
AI Analysis

Impact

Symantec Data Loss Prevention for Windows endpoints contains an elevation of privilege flaw that allows an attacker to gain higher levels of access than intended. The weakness, identified as CWE-829, can enable a user to perform administrative actions such as modifying protected files, changing system settings, or executing commands that normally require elevated privileges, potentially compromising confidentiality and integrity of protected data.

Affected Systems

Broadcom Data Loss Prevention for Windows is affected. Versions released prior to 25.1 MP1, 16.1 MP2, 16.0 RU2 HF9, 16.0 RU1 MP1 HF12, and 16.0 MP2 HF15 are vulnerable. Users should verify their installed version against this list and plan for an upgrade to a fixed release.

Risk and Exploitability

The vulnerability carries a high-severity CVSS score of 7.8. No EPSS score is reported and the CVE is not listed in CISA’s KEV catalog, indicating limited known exploitation activity. Based on the description, the attack likely requires local execution or compromise of a trusted component, after which an attacker could gain system-wide control. The impact remains significant for organizations relying on this product to protect sensitive data.

Generated by OpenCVE AI on March 30, 2026 at 20:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest version that includes the fix, at least 25.1 MP1 for the 25.x branch or the latest update for the 16.x branch.
  • Verify the patch by checking the installed product version and re‑scanning for vulnerabilities to confirm resolution.
  • If immediate patching is not possible, monitor for updates and schedule the upgrade as soon as feasible.



Advisories

No advisories yet.

History

Mon, 30 Mar 2026 18:45:00 +0000

Values added (no values removed):

Description: Symantec Data Loss Prevention Windows Endpoint, prior to 25.1 MP1, 16.1 MP2, 16.0 RU2 HF9, 16.0 RU1 MP1 HF12, and 16.0 MP2 HF15, may be susceptible to an Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
Title: Elevation of Privileges in Symantec Data Loss Prevention Windows Endpoint
Weaknesses: CWE-829
References:
Metrics: cvssV3_1 {'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}



MITRE

Status: PUBLISHED

Assigner: symantec

Published:

Updated: 2026-03-31T03:55:42.659Z

Reserved: 2026-03-11T16:47:38.735Z

Link: CVE-2026-3991

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-03-30T19:16:27.207

Modified: 2026-03-30T19:16:27.207

Link: CVE-2026-3991

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-30T20:55:15Z
