Zero Day MonitorZDM

← Back to list

—

CVE-2026-11626PATCHED

broadcom · symantec endpoint protection cleanwipe removal tool

Local Privilege Escalation in Symantec Endpoint Protection macOS CleanWipe Removal Tool

Description

CleanWipe Removal Tool (macOS), prior to 16.0.0.65, may be susceptible to an Local Privilege Escalation vulnerability, which is a type of issue whereby an attacker with limited privilege access on an affected system can escalate their privileges to gain administrative control.

Affected Products

Vendor	Product	Versions
broadcom	symantec endpoint protection cleanwipe removal tool	—

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor	Product	Source	Confidence
symantec	endpoint protection	cert_advisory	90%

References

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37625(vendor-advisory)

Related News (2 articles)

Tier B

BSI Advisories16d ago

[NEU] [mittel] Symantec Endpoint Protection (CleanWipe Removal Tool): Schwachstelle ermöglicht Erlangen von Administratorrechten

→ No new info (linked only)

Tier C

VulDB17d ago

CVE-2026-11626 | Broadcom Symantec Endpoint Protection CleanWipe Removal Tool unnecessary privileges

→ No new info (linked only)

CISA KEV❌ No

Actively exploited❌ No

Patch available

16.0.0.65

CWECWE-250

PublishedJun 10, 2026

Last enriched17d agov2

Tags

CVE-2026-11626

Trending Score5

Source articles2

Independent2

Info Completeness7/14

Missing: versions, cvss, epss, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

MEDIUMCVE-2026-40012EXP

Information about ECS zero scoped answers might leak to clients that use a specific ECS

NONECVE-2026-44838EXP

RabbitMQ MQTT Topic Permission Authorization Bypass

HIGHCVE-2026-41708EXP

Spring Cloud Sleuth instrumentation of Spring TX DoS vulnerability

NONECVE-2026-11815

Insecure Deserialization via MITM in Layer 7 Policy Manager

CRITICALPRE-CVEEXP

Critical vulnerabilities in VMware Tanzu for Valkey

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Jun 10, 2026

Discovered by ZDM

Jun 10, 2026

Updated: severity, tags

Jun 10, 2026

Patch Available

Jun 12, 2026

Version History

v2

Last enriched 17d ago

v2Tier C17d ago

Updated severity to CRITICAL, noted no exploit available, and added CVE-2026-11626 tag.

severitytags

via VulDB

v117d ago

Initial creation