// For flags

CVE-2013-5636

 

Severity Score

3.3
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Unlock.exe in Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not associate password failures with a device ID, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism by overwriting DVREM.EPM with a copy of itself after each few password guesses.

Unlock.exe en Media Encryption EPM Explorer de Check Point Endpoint Security hasta la versión E80.50 no asocia fallos en la introducción de contraseña junto a un identificador del dispositivo, lo que hace más sencillo a atacantes físicamente próximos evadir mecanismos de protección device-locking mediante la sobreescritura del DVREM.EPM con una copia de sí mismo, después de algunos intentos de adivinación de contraseña.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2013-08-27 CVE Reserved
  • 2013-11-14 CVE Published
  • 2024-08-06 CVE Updated
  • 2024-10-20 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-255: Credentials Management Errors
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Checkpoint
Search vendor "Checkpoint"
Endpoint Security
Search vendor "Checkpoint" for product "Endpoint Security"
e80
Search vendor "Checkpoint" for product "Endpoint Security" and version "e80"
vpn_blade
Affected
Checkpoint
Search vendor "Checkpoint"
Endpoint Security
Search vendor "Checkpoint" for product "Endpoint Security"
e80.10
Search vendor "Checkpoint" for product "Endpoint Security" and version "e80.10"
vpn_blade
Affected
Checkpoint
Search vendor "Checkpoint"
Endpoint Security
Search vendor "Checkpoint" for product "Endpoint Security"
e80.20
Search vendor "Checkpoint" for product "Endpoint Security" and version "e80.20"
vpn_blade
Affected
Checkpoint
Search vendor "Checkpoint"
Endpoint Security
Search vendor "Checkpoint" for product "Endpoint Security"
e80.30
Search vendor "Checkpoint" for product "Endpoint Security" and version "e80.30"
vpn_blade
Affected
Checkpoint
Search vendor "Checkpoint"
Endpoint Security
Search vendor "Checkpoint" for product "Endpoint Security"
e80.40
Search vendor "Checkpoint" for product "Endpoint Security" and version "e80.40"
vpn_blade
Affected
Checkpoint
Search vendor "Checkpoint"
Endpoint Security
Search vendor "Checkpoint" for product "Endpoint Security"
e80.41
Search vendor "Checkpoint" for product "Endpoint Security" and version "e80.41"
vpn_blade
Affected
Checkpoint
Search vendor "Checkpoint"
Endpoint Security
Search vendor "Checkpoint" for product "Endpoint Security"
e80.50
Search vendor "Checkpoint" for product "Endpoint Security" and version "e80.50"
vpn_blade
Affected