Hi ,
A recent vulnerability has been identified and it is SYM15-011 and all SEP 12.1.x versions are affected.
To fix the vulnerability either the SEPM or the clients needed to upgraded to 12.1.6 MP3
For info regarding the vulnerability check the link
https://www.symantec.com/security_response/securit...
Mitigation Symantec will be releasing the following IPS signature to detect/prevent attempts against CVE-2015-6555 in SEPM. Detections will be available through normal Symantec security update channels. 28950 Attack: SEPM JRMI RCE Best Practices As part of normal best practices, Symantec strongly recommends the following: Restrict access to administrative or management systems to authorized privileged users. Restrict remote access, if required, to trusted/authorized systems only. Run under the principle of least privilege where possible to limit the impact of potential exploit. Keep all operating systems and applications current with vendor patches. Follow a multi-layered approach to security. At a minimum, run both firewall and anti-malware applications to provide multiple points of detection and protection to both inbound and outbound threats. Deploy network- and host-based intrusion detection systems to monitor network traffic for signs of anomalous or suspicious activity. This may aid in the detection of attacks or malicious activity related to the exploitation of latent vulnerabilities.