Symantec Management Suite
Monthly
Full SYSTEM-level code execution in Broadcom's Symantec IT Management Suite (ITMS) 8.7.3 is reachable by any non-administrator interactive user via a DCOM and Windows Task Scheduler logic chain, requiring no network access and no memory corruption. The attack is confined to the local host, meaning a standard user account with an interactive session on the ITMS server is sufficient to achieve unrestricted SYSTEM privileges. No public exploit has been identified at time of analysis, though Broadcom's advisory carries the highest urgency rating (U:Red) and the CVSS 4.0 supplemental metric AU:Y indicates the exploitation steps can be automated once understood.
Full SYSTEM-level code execution in Broadcom's Symantec IT Management Suite (ITMS) 8.7.3 is reachable by any non-administrator interactive user via a DCOM and Windows Task Scheduler logic chain, requiring no network access and no memory corruption. The attack is confined to the local host, meaning a standard user account with an interactive session on the ITMS server is sufficient to achieve unrestricted SYSTEM privileges. No public exploit has been identified at time of analysis, though Broadcom's advisory carries the highest urgency rating (U:Red) and the CVSS 4.0 supplemental metric AU:Y indicates the exploitation steps can be automated once understood.