13 results (0.010 seconds)

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

Check Point ZoneAlarm Extreme Security before 15.8.211.19229 allows local users to escalate privileges. This occurs because of weak permissions for the %PROGRAMDATA%\CheckPoint\ZoneAlarm\Data\Updates directory, and a self-protection driver bypass that allows creation of a junction directory. This can be leveraged to perform an arbitrary file move as NT AUTHORITY\SYSTEM. Check Point ZoneAlarm Extreme Security versiones anteriores a 15.8.211.19229, permite a usuarios locales escalar privilegios. Esto ocurre debido a una debilidad de los permisos para el directorio %PROGRAMDATA%\CheckPoint\ZoneAlarm\Data\Updates, y una omisión del controlador de autoprotección que permite la creación de un directorio de unión. • https://github.com/Wh04m1001/ZoneAlarmEoP https://www.infigo.hr/en/insights/39/elevation-of-privilege-in-zonealarm-extreme-security https://www.zonealarm.com/software/extreme-security/release-history • CWE-269: Improper Privilege Management •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Check Point ZoneAlarm before version 15.8.200.19118 allows a local actor to escalate privileges during the upgrade process. In addition, weak permissions in the ProgramData\CheckPoint\ZoneAlarm\Data\Updates directory allow a local attacker the ability to execute an arbitrary file write, leading to execution of code as local system, in ZoneAlarm versions before v15.8.211.192119 Check Point ZoneAlarm versiones anteriores a 15.8.200.19118, permite a un actor local escalar privilegios durante el proceso de actualización • https://www.zonealarm.com/software/extreme-security/release-history • CWE-269: Improper Privilege Management CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to escalate privileges while restoring files in Anti-Ransomware. Check Point ZoneAlarm versiones anteriores a 15.8.139.18543, permite a un actor local escalar privilegios mientras restaura archivos en Anti-Ransomware • https://www.zonealarm.com/software/extreme-security/release-history • CWE-426: Untrusted Search Path •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to delete arbitrary files while restoring files in Anti-Ransomware. Check Point ZoneAlarm versiones anteriores a 15.8.139.18543, permite a un actor local eliminar archivos arbitrarios mientras restaura archivos en Anti-Ransomware • https://www.zonealarm.com/software/extreme-security/release-history • CWE-275: Permission Issues •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 2

A hard-link created from log file archive of Check Point ZoneAlarm up to 15.4.062 or Check Point Endpoint Security client for Windows before E80.96 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with limited access gains the local attacker higher privileges to the file. Un enlace físico creado desde el archivo log file de Check Point ZoneAlarm hasta la versión 15.4.062 o el cliente de Check Point Endpoint Security para Windows anterior a versión E80.96, a cualquier archivo en el sistema se cambiará su permiso para que todos los usuarios puedan acceder a ese archivo vinculado. Hacer esto en archivos con acceso limitado le concede al atacante local mayores privilegios para el archivo. CheckPoint Endpoint Security VPN versions E80.87 Build 986009514 and below and ZoneAlarm versions 15.4.062.17802 and below suffer from a privilege escalation vulnerability. • https://www.exploit-db.com/exploits/47471 http://packetstormsecurity.com/files/154754/CheckPoint-Endpoint-Security-Client-ZoneAlarm-Privilege-Escalation.html https://supportcenter.us.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk150012 https://www.zonealarm.com/software/release-history/zafavfw.html#15.4.260.17960 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-65: Windows Hard Link •