The host is installed with Symantec Endpoint Protection Client 11.x before 11.0.7.4 or 12.x before 12.1.2 (RU2) and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to enforce some custom polices in the Application/Device Control (ADC). Successful exploitation allows an attacker to potentially bypass restrictions set up via ADC policies and access unauthorized directories/files on a system.