Vulnerability in Broadcom Symantec Management Suite
CVE-2026-15380
A non-administrator interactive user can obtain full SYSTEM code execution through a DCOM/task scheduler logic chain — no network access, no memory corruption required (ITMS 8.7.3)
Affected products
- Broadcom Symantec Management Suite — versions 8.7.3, 8.8, 8.8.1
References
- secure@symantec.com (vendor-advisory)