CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-24910 – Local privilege escalation in Check Point ZoneAlarm Extreme Security NextGen, Identity Agent for Windows, and Identity Agent for Windows Terminal Server via crafted DLL file
https://notcve.org/view.php?id=CVE-2024-24910
18 Apr 2024 — A local attacker can escalate privileges on affected Check Point ZoneAlarm Extreme Security NextGen, Identity Agent for Windows, and Identity Agent for Windows Terminal Server. To exploit this vulnerability, an attacker must first obtain the ability to execute local privileged code on the target system. Un atacante local puede escalar privilegios en Check Point ZoneAlarm Extreme Security NextGen, Identity Agent para Windows y Identity Agent para Windows Terminal Server afectados. Para aprovechar esta vulner... • https://support.checkpoint.com/results/sk/sk182219 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-30356
https://notcve.org/view.php?id=CVE-2021-30356
22 Apr 2021 — A denial of service vulnerability was reported in Check Point Identity Agent before R81.018.0000, which could allow low privileged users to overwrite protected system files. Se reportó una vulnerabilidad de Denegación de Servicio en Check Point Identity Agent versiones anteriores a R81.018.0000, que podría permitir a usuarios poco privilegiados sobrescribir archivos protegidos del sistema • https://supportcontent.checkpoint.com/solutions?id=sk134312 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •