Discovery and Asset Manager Local Privilege Escalation Vulnerability

Discovery and Asset Manager Local Privilege Escalation Vulnerability

Centennial Discovery, Symantec Discovery, and Numara Asset Manager are prone to a local privilege-escalation vulnerability.

An attacker can exploit this issue to execute arbitrary code by replacing a DLL file in a directory with a malicious file of the same name. This can result in privilege escalation that may lead to a complete compromise.

Numara Asset Manager 8.0, Centennial Discovery 2006 Feature Pack 1, and Symantec Discovery 6.5 are reported affected by this issue; other versions may be vulnerable as well.