The host is installed with Symantec Endpoint Protection (SEP) Client 12.1 through 12.1 RU6 MP10 or 14.x before 14.2 RU1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle a specially crafted IRP request. Successful exploitation could allow attackers to disclose the kernel memory.