wid-sec-w-2026-0921 · Published 2026-03-30 · View on BSI CERT-Bund ↗

Symantec Data Loss Prevention: Vulnerability allows Privilegieneskalation

CVSS 7.8 HIGH

Risk Summary

Symantec Data Loss Prevention Windows Endpoint, prior to 25.1 MP1, 16.1 MP2, 16.0 RU2 HF9, 16.0 RU1 MP1 HF12, and 16.0 MP2 HF15, may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.

CVEs (1)

CVE-2026-3991

Affected Vendors

Symantec

Affected Products (10)

Symantec · Data Loss Prevention <DLP 16.0 RU1 MP1 HF12

Symantec · Data Loss Prevention DLP 16.0 RU1 MP1 HF12

Symantec · Data Loss Prevention <DLP 16.0 RU2 HF9

Symantec · Data Loss Prevention DLP 16.0 RU2 HF9

Symantec · Data Loss Prevention <DLP 16.1 MP2

Symantec · Data Loss Prevention DLP 16.1 MP2

Symantec · Data Loss Prevention <DLP 25.1 MP1

Symantec · Data Loss Prevention DLP 25.1 MP1

Symantec · Data Loss Prevention <DLP 16.0 MP2 HF15

Symantec · Data Loss Prevention DLP 16.0 MP2 HF15

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more