CVE-2025-13917 HIGH

CVE-2025-13917: Elevation of Privileges in Web Security Services (WSS) Agent

Vendor Broadcom
Product Symantec Web Security Services Agent
Weakness CWE-269
Published January 28, 2026
Last update January 28, 2026

CVSS base score

7.0/10
Attack vector Local
Attack complexity High
Privileges required Low
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

WSS Agent, prior to 9.8.5, may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.

Key dates

02Disclosure timeline

January 28, 2026 CVE published
January 28, 2026 Record updated