A vulnerability has been reported in Symantec Endpoint Protection Manager
The vulnerability is reported in versions 12.1.x prior to 12.1 RU3
Symantec was notified of a pre-authentication buffer overflow found in the Symantec Endpoint Protection Manager (SEPM) and Symantec Endpoint Protection Center (SPC)
The vulnerability is caused due to a boundary error within secars.dll and can be exploited to cause a buffer overflow via the web-based management console.
Manipulation of data
Vendor recommends updating to version 12.1 RU3