CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-28134 – Local Privliege Escalation in Check Point Endpoint Security Remediation Service
https://notcve.org/view.php?id=CVE-2023-28134
12 Nov 2023 — Local attacker can escalate privileges on affected installations of Check Point Harmony Endpoint/ZoneAlarm Extreme Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Un atacante local puede aumentar los privilegios en las instalaciones afectadas de Check Point Harmony Endpoint/ZoneAlarm Extreme Security. Un atacante primero debe obtener la capacidad de ejecutar código con pocos privilegios en el sistema de destino p... • https://support.checkpoint.com/results/sk/sk181597 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0CVE-2023-28133
https://notcve.org/view.php?id=CVE-2023-28133
23 Jul 2023 — Local privilege escalation in Check Point Endpoint Security Client (version E87.30) via crafted OpenSSL configuration file • https://support.checkpoint.com/results/sk/sk181276 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 2.3EPSS: 0%CPEs: 14EXPL: 0CVE-2022-23744
https://notcve.org/view.php?id=CVE-2022-23744
07 Jul 2022 — Check Point Endpoint before version E86.50 failed to protect against specific registry change which allowed to disable endpoint protection by a local administrator. Check Point Endpoint antes de la versión E86.50 no protegía contra un cambio específico en el registro que permitía desactivar la protección de los puntos finales por un administrador local • https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk179609 • CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-23742
https://notcve.org/view.php?id=CVE-2022-23742
12 May 2022 — Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for forensics reports from a directory with low privileges. An attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems or using symbolic links. Check Point Endpoint Security Client para Windows versiones anteriores a E86.40, copian archivos para informes forenses desde un directorio con privilegios bajos. Un atacante puede reemplazar esos archivos con cont... • https://supportcontent.checkpoint.com/solutions?id=sk178665%2C • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-65: Windows Hard Link •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-30360
https://notcve.org/view.php?id=CVE-2021-30360
07 Jan 2022 — Users have access to the directory where the installation repair occurs. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a specially crafted EXE in the repair folder which runs with the Check Point Remote Access Client privileges. Los usuarios tienen acceso al directorio donde se produce la reparación de la instalación. Dado que el instalador de MS permite a usuarios normales ejecutar la reparación, un atacante puede iniciar la repara... • https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0001/MNDT-2022-0001.md • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-6021
https://notcve.org/view.php?id=CVE-2020-6021
03 Dec 2020 — Check Point Endpoint Security Client for Windows before version E84.20 allows write access to the directory from which the installation repair takes place. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a specially crafted DLL in the repair folder which will run with the Endpoint client’s privileges. Check Point Endpoint Security Client para Windows versiones anteriores a E84.20, permite un acceso de escritura al directorio desde el ... • https://supportcontent.checkpoint.com/solutions?id=sk170512 • CWE-427: Uncontrolled Search Path Element •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-6015
https://notcve.org/view.php?id=CVE-2020-6015
05 Nov 2020 — Check Point Endpoint Security for Windows before E84.10 can reach denial of service during clean install of the client which will prevent the storage of service log files in non-standard locations. Check Point Endpoint Security para Windows versiones anteriores a E84.10 puede alcanzar una denegación de servicio durante la instalación limpia del cliente, lo que impedirá el almacenamiento de archivos de registro de servicio en ubicaciones no estándar • https://supportcontent.checkpoint.com/solutions?id=sk170117 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-6014
https://notcve.org/view.php?id=CVE-2020-6014
30 Oct 2020 — Check Point Endpoint Security Client for Windows, with Anti-Bot or Threat Emulation blades installed, before version E83.20, tries to load a non-existent DLL during a query for the Domain Name. An attacker with administrator privileges can leverage this to gain code execution within a Check Point Software Technologies signed binary, where under certain circumstances may cause the client to terminate. Check Point Endpoint Security Client para Windows, con blades Anti-Bot o Threat Emulation instalados, antes ... • https://supportcontent.checkpoint.com/solutions?id=sk168081 • CWE-114: Process Control CWE-426: Untrusted Search Path •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-8463
https://notcve.org/view.php?id=CVE-2019-8463
23 Dec 2019 — A denial of service vulnerability was reported in Check Point Endpoint Security Client for Windows before E82.10, that could allow service log file to be written to non-standard locations. Se reportó una vulnerabilidad de denegación de servicio en Check Point Endpoint Security Client para Windows versiones anteriores a E82.10, que podría permitir que un archivo de registro de servicio sea escrito en ubicaciones no estándar. • https://supportcontent.checkpoint.com/solutions?id=sk163578 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2019-8461
https://notcve.org/view.php?id=CVE-2019-8461
29 Aug 2019 — Check Point Endpoint Security Initial Client for Windows before version E81.30 tries to load a DLL placed in any PATH location on a clean image without Endpoint Client installed. An attacker can leverage this to gain LPE using a specially crafted DLL placed in any PATH location accessible with write permissions to the user. Check Point Endpoint Security Initial Client para Windows versión anterior a E81.30, intenta cargar una biblioteca DLL localizada en cualquier ubicación de RUTA (PATH) en una imagen limp... • https://safebreach.com/Post/Check-Point-Endpoint-Security-Initial-Client-for-Windows-Privilege-Escalation-to-SYSTEM • CWE-114: Process Control CWE-426: Untrusted Search Path •