Critical RCE Vulnerability Found in Symantec Endpoint Management Platform

Critical RCE Vulnerability Found in Symantec Endpoint Management Platform Security researchers at LRQA have uncovered a critical remote code execution (RCE) vulnerability in Broadcom’s Symantec Endpoint Management Suite, formerly known as Altiris, that could allow unauthenticated attackers to execute arbitrary code on vulnerable systems. The flaw, assignedCVE-2025-5333, affects multiple versions of the widely used enterprise endpoint management platform and has been rated with a critical CVSS score of 9.5. Vulnerability Overview The vulnerability stems from an exposed legacy .NET Remoting endpoint in the Symantec Altiris Inventory Rule Management (IRM) component, accessible at tcp:// :4011/IRM/HostedService. When this endpoint is reachable over the network, it enables attackers to exploit insecure deserialization of .NET objects, leading to complete system compromise without requiring authentication. The vulnerability was discovered during a recent Red Team engagement when security res...