CVE-2021-30359

Severity Score

7.8

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The Harmony Browse and the SandBlast Agent for Browsers installers must have admin privileges to execute some steps during the installation. Because the MS Installer allows regular users to repair their installation, an attacker running an installer before 90.08.7405 can start the installation repair and place a specially crafted binary in the repair folder, which runs with the admin privileges.

Los instaladores de Harmony Browse y SandBlast Agent for Browsers deben tener privilegios de administrador para ejecutar algunos pasos durante la instalación. Dado que el instalador de MS permite a usuarios normales reparar su instalación, un atacante que ejecute un instalador anterior a versión 90.08.7405, puede iniciar una reparación de la instalación y colocar un binario especialmente diseñado en la carpeta de reparación, que se ejecuta con los privilegios de administrador

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2021-04-07 CVE Reserved
2021-10-22 CVE Published
2023-05-15 EPSS Updated
2024-08-03 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-427: Uncontrolled Search Path Element

CAPEC

References (2)

URL	Tag	Source
https://github.com/mandiant/Vulnerability-Disclosures/blob/master/MNDT-2021-0007/MNDT-2021-0007.md	Third Party Advisory

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://supportcontent.checkpoint.com/solutions?id=sk175968	2021-10-27

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Checkpoint Search vendor "Checkpoint"	Harmony Browse Search vendor "Checkpoint" for product "Harmony Browse"	< 90.08.7405 Search vendor "Checkpoint" for product "Harmony Browse" and version " < 90.08.7405"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows Search vendor "Microsoft" for product "Windows"	-	-	Safe
Checkpoint Search vendor "Checkpoint"	Sandblast Agent For Browsers Search vendor "Checkpoint" for product "Sandblast Agent For Browsers"	< 90.08.7405 Search vendor "Checkpoint" for product "Sandblast Agent For Browsers" and version " < 90.08.7405"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows Search vendor "Microsoft" for product "Windows"	-	-	Safe