Code injection

2019-06-2017:15:00

PRIOn knowledge base

www.prio-n.com

9.3 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.8%

JSON

Check Point Endpoint Security Client for Windows, with the VPN blade, before version E80.83, starts a process without using quotes in the path. This can cause loading of a previously placed executable with a name similar to the parts of the path, instead of the intended one.

CPENameOperatorVersion
capsule_docs_standalone_clienteq< e80.82
endpoint_security_clientseq< e80.83
endpoint_security_server_packageeq< r77.30.3
jumbo_hotfix_for_endpoint_security_servereq< r77.30
remote_access_clientseq< e80.83
smartconsole_for_endpoint_security_servereq80.83.101
smartconsole_for_endpoint_security_servereq< r77.30.3

Name	Operator	Version
capsule_docs_standalone_client	eq	< e80.82
endpoint_security_clients	eq	< e80.83
endpoint_security_server_package	eq	< r77.30.3
jumbo_hotfix_for_endpoint_security_server	eq	< r77.30
remote_access_clients	eq	< e80.83
smartconsole_for_endpoint_security_server	eq	80.83.101
smartconsole_for_endpoint_security_server	eq	< r77.30.3