Symantec Storage Foundation for Windows Security Update Circumvention Vulnerability

Symantec Storage Foundation for Windows Security Update Circumvention Vulnerability

Symantec Storage Foundation for Windows is prone to a vulnerability that lets attackers circumvent security updates. The issue resides in the Volume Manager Scheduler Service.

Successful exploits of this issue allow attackers to circumvent a previous security update that resolved authentication-bypass and remote code-execution vulnerabilities. This may facilitate the complete compromise of affected computers.

Storage Foundation 5.0, 5.0 RP1, and 5.1 are vulnerable.