Gen Digital

Gen Digital, known for Norton antivirus and LifeLock identity protection services, has a high-severity local privilege escalation vulnerability (CVSS 7.8) that requires low-level user access but no additional authentication to achieve complete system compromise including data theft and integrity violations. The vulnerability can be exploited directly by an authenticated local attacker without user interaction, making it particularly dangerous in multi-user environments or systems with guest accounts. Security teams should monitor for patches expected by June 2026 and prioritize this update for systems where local user access cannot be strictly controlled.