Endpoint Security Security Vulnerabilities
Local privilege escalation in Check Point Endpoint Security Client (version E87.30) via crafted OpenSSL configuration...
7.8CVSS
7.8AI Score
0.001EPSS
Stormshield Endpoint Security Evolution 2.0.0 through 2.4.2 has Insecure Permissions. An ACL entry on the SES Evolution agent directory that contains the agent logs displayed in the GUI allows interactive users to read data, which could allow access to information reserved to...
4.3CVSS
4.5AI Score
0.0004EPSS
Stormshield Endpoint Security Evolution 2.0.0 through 2.3.2 has Insecure Permissions. An interactive user can use the SES Evolution agent to create arbitrary files with local system...
5.5CVSS
5.5AI Score
0.0004EPSS
Stormshield Endpoint Security 2.3.0 through 2.3.2 has Incorrect Access Control that allows an authenticated user can update global...
4.3CVSS
4.7AI Score
0.0004EPSS
Stormshield Endpoint Security 2.3.0 through 2.3.2 has Incorrect Access Control: authenticated users can read sensitive...
5.5CVSS
5.4AI Score
0.0004EPSS
Check Point Endpoint before version E86.50 failed to protect against specific registry change which allowed to disable endpoint protection by a local...
2.3CVSS
3.8AI Score
0.0004EPSS
Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for forensics reports from a directory with low privileges. An attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems or using symbolic...
7.8CVSS
7.3AI Score
0.0004EPSS
Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security with antivirus databases released before 12 March 2022 had a bug in a data parsing module that potentially allowed an attacker to execute arbitrary code. The fix was delivered automatically. Credits: Georgy Zaytsev (Positive...
9.8CVSS
9.6AI Score
0.003EPSS
A denial-of-service issue existed in one of modules that was incorporated in Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security. A local user could cause Windows crash by running a specially crafted binary module. The fix was delivered automatically. Credits: (Straghkov Denis,.....
5.5CVSS
5.4AI Score
0.0004EPSS
Users have access to the directory where the installation repair occurs. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a specially crafted EXE in the repair folder which runs with the Check Point Remote Access Client...
7.8CVSS
7.5AI Score
0.0005EPSS
5.2CVSS
5.3AI Score
0.0004EPSS
9.8CVSS
9.7AI Score
0.006EPSS
4.3CVSS
4.7AI Score
0.001EPSS
Possible system denial of service in case of arbitrary changing Firefox browser parameters. An attacker could change specific Firefox browser parameters file in a certain way and then reboot the system to make the system...
7.5CVSS
7.3AI Score
0.008EPSS
SES Evolution before 2.1.0 allows updating some parts of a security policy by leveraging access to a computer having the administration console...
5.7CVSS
5.7AI Score
0.001EPSS
Stormshield Endpoint Security Evolution 2.0.0 through 2.0.2 does not accomplish the intended defense against local administrators who can replace the Visual C++ runtime DLLs (in %WINDIR%\system32) with malicious...
6.7CVSS
6.5AI Score
0.0004EPSS
SES Evolution before 2.1.0 allows reading some parts of a security policy by leveraging access to a computer having the administration console...
5.7CVSS
5.7AI Score
0.001EPSS
SES Evolution before 2.1.0 allows modifying security policies by leveraging access of a user having read-only access to security...
5.2CVSS
5.2AI Score
0.0004EPSS
SES Evolution before 2.1.0 allows duplicating an existing security policy by leveraging access of a user having read-only access to security...
3.5CVSS
4.4AI Score
0.001EPSS
SES Evolution before 2.1.0 allows deleting some parts of a security policy by leveraging access to a computer having the administration console...
5.7CVSS
5.7AI Score
0.001EPSS
SES Evolution before 2.1.0 allows deleting some resources not currently in use by any security policy by leveraging access to a computer having the administration console...
7.3CVSS
7.1AI Score
0.001EPSS
A local (authenticated) low-privileged user can exploit a behavior in an ESET installer to achieve arbitrary file overwrite (deletion) of any file via a symlink, due to insecure permissions. The possibility of exploiting this vulnerability is limited and can only take place during the installation....
5.5CVSS
7AI Score
0.0004EPSS
Check Point Endpoint Security Client for Windows before version E84.20 allows write access to the directory from which the installation repair takes place. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a specially crafted.....
7.8CVSS
7.3AI Score
0.0004EPSS
Check Point Endpoint Security for Windows before E84.10 can reach denial of service during clean install of the client which will prevent the storage of service log files in non-standard...
5.5CVSS
7.4AI Score
0.0004EPSS
Check Point Endpoint Security Client for Windows, with Anti-Bot or Threat Emulation blades installed, before version E83.20, tries to load a non-existent DLL during a query for the Domain Name. An attacker with administrator privileges can leverage this to gain code execution within a Check Point.....
6.5CVSS
8AI Score
0.0004EPSS
ESET Antivirus and Antispyware Module module 1553 through 1560 allows a user with limited access rights to create hard links in some ESET directories and then force the product to write through these links into files that would normally not be write-able by the user, thus achieving privilege...
7.8CVSS
7.6AI Score
0.0004EPSS
ESET Cyber Security 6.7.900.0 for macOS allows a local attacker to execute unauthorized commands as root by abusing an undocumented feature in scheduled...
7.8CVSS
7.6AI Score
0.0004EPSS
Check Point Endpoint Security Initial Client for Windows before version E81.30 tries to load a DLL placed in any PATH location on a clean image without Endpoint Client installed. An attacker can leverage this to gain LPE using a specially crafted DLL placed in any PATH location accessible with...
7.8CVSS
7.7AI Score
0.001EPSS
Ivanti Endpoint Security (formerly HEAT Endpoint Management and Security Suite) 8.5 Update 1 and earlier allows an authenticated user with low privileges and access to the local network to bypass application whitelisting when using the Application Control module on Ivanti Endpoint Security in...
7.5CVSS
7.2AI Score
0.001EPSS
The esets_daemon service in ESET Endpoint Antivirus for macOS before 6.4.168.0 and Endpoint Security for macOS before 6.4.168.0 does not properly verify X.509 certificates from the edf.eset.com SSL server, which allows man-in-the-middle attackers to spoof this server and provide crafted responses.....
5.9CVSS
8.1AI Score
0.004EPSS
The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) before 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Device Control....
5.1CVSS
6.5AI Score
0.001EPSS
The ESET Personal Firewall NDIS filter (EpFwNdis.sys) driver in the Firewall Module Build 1183 (20140214) and earlier in ESET Smart Security and ESET Endpoint Security products 5.0 through 7.0 allows local users to gain privileges via a crafted argument to a 0x830020CC IOCTL...
6.7AI Score
0.0004EPSS
Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not properly maintain the state of password failures, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism by entering password guesses within multiple...
6.9AI Score
0.001EPSS
Unlock.exe in Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not associate password failures with a device ID, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism by overwriting DVREM.EPM with a copy of...
6.8AI Score
0.001EPSS
Untrusted search path vulnerability in TrGUI.exe in the Endpoint Connect (aka EPC) GUI in Check Point Endpoint Security R73.x and E80.x on the VPN blade platform, Endpoint Security VPN R75, Endpoint Connect R73.x, and Remote Access Clients E75.x allows local users to gain privileges via a Trojan...
6.7AI Score
0.0004EPSS
Heap-based buffer overflow in Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when archive scanning is enabled, allows remote attackers to trigger a denial of service (memory corruption) via a CHM file with an LZX...
7.4AI Score
0.724EPSS
Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when "Enabled scanning of archives" is set, allows remote attackers to cause a denial of service (infinite loop) via a malformed RAR archive with an Archive Header section...
6.8AI Score
0.186EPSS
Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a malformed CHM file with a large name length in the CHM chunk.....
8AI Score
0.133EPSS