CVE-2019-8458

Severity Score

4.4

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Check Point Endpoint Security Client for Windows, with Anti-Malware blade installed, before version E81.00, tries to load a non-existent DLL during an update initiated by the UI. An attacker with administrator privileges can leverage this to gain code execution within a Check Point Software Technologies signed binary, where under certain circumstances may cause the client to terminate.

Check Point Endpoint Security Client para Windows, con Anti-Malware blade instalado, anterior a versión E81.00, intenta cargar una DLL inexistente durante una actualización iniciada por la interfaz de usuario. Un atacante con privilegios de administrador puede aprovechar esto para conseguir la ejecución de código dentro de un binario firmado por Check Point Software Technologies, donde bajo ciertas circunstancias puede hacer que el cliente finalice.

*Credits: N/A

Attack Vector

Network

Attack Complexity

High

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Medium

Authentication

Single

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2019-02-18 CVE Reserved
2019-06-20 CVE Published
2023-03-08 EPSS Updated
2024-08-04 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-114: Process Control

CAPEC

References (1)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk153053	2020-10-22

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Checkpoint Search vendor "Checkpoint"		Endpoint Security Clients Search vendor "Checkpoint" for product "Endpoint Security Clients"				< e81.00 Search vendor "Checkpoint" for product "Endpoint Security Clients" and version " < e81.00"		windows		Affected
Checkpoint Search vendor "Checkpoint"		Remote Access Clients Search vendor "Checkpoint" for product "Remote Access Clients"				< e81.00 Search vendor "Checkpoint" for product "Remote Access Clients" and version " < e81.00"		windows		Affected
Checkpoint Search vendor "Checkpoint"		Capsule Docs Search vendor "Checkpoint" for product "Capsule Docs"				< e81.00 Search vendor "Checkpoint" for product "Capsule Docs" and version " < e81.00"		-		Affected