Symantec pcAnywhere Vulnerability

Last Updated: 01/10/2018

Security Notice Level

SEVERE

Vulnerability with Symantec’s pcAnywhere could result in a malicious user accessing the system, interjecting between connections, loss of data integrity and more.

Customers that require pcAnywhere for business critical purposes need to ensure pcAnywhere 12.5 is running with all relevant patches installed. Users should follow security best practices outlined in the links below.

The IT Security office advises to disable the product until Symantec releases updates that resolve these risks.

Affected Software

  • pcAnywhere version 12.0, 12.1 and 12.5
  • pcAnywhere prior to version 12.0

Additional Information

Security bulletin names:

  • Symantec pcAnywhere™ Security Recommendations – Technical White Paper
    Release date: January 24, 2012
  • Claims by Anonymous about Symantec Source Code
    Release date: January 24, 2012

    
Additional information about this vulnerability can be viewed at: