CVE-2020-6021
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Check Point Endpoint Security Client for Windows before version E84.20 allows write access to the directory from which the installation repair takes place. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a specially crafted DLL in the repair folder which will run with the Endpoint client’s privileges.
Check Point Endpoint Security Client para Windows versiones anteriores a E84.20, permite un acceso de escritura al directorio desde el cual la reparación de la instalación toma lugar. Dado que MS Installer permite a usuarios habituales ejecutar la reparación, un atacante puede iniciar la reparación de la instalación y colocar una DLL especialmente diseñada en la carpeta de reparación que se ejecutará con los privilegios del cliente de Endpoint
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-01-07 CVE Reserved
- 2020-12-03 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-427: Uncontrolled Search Path Element
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://supportcontent.checkpoint.com/solutions?id=sk170512 | 2021-11-05 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Checkpoint Search vendor "Checkpoint" | Endpoint Security Search vendor "Checkpoint" for product "Endpoint Security" | < e84.20 Search vendor "Checkpoint" for product "Endpoint Security" and version " < e84.20" | windows |
Affected
| ||||||