1281 matches found

CVE
added 2019/06/20 4:50 p.m. | 128 views

CVE-2019-8459

CVE-2019-8459 affects Check Point Endpoint Security Client for Windows with the VPN blade, prior to version E80.83. The issue is a path handling flaw where a process is started without quotes around the executable path, allowing loading of a previously placed executable with a name similar to pat...

CVSS 9.8 | AI score 9.2 | EPSS 0.01191
Exploits 0 | References 1 | Affected Software 1

Cvelist
added 2019/06/20 4:50 p.m. | 20 views

CVE-2019-8459

Check Point Endpoint Security Client for Windows, with the VPN blade, before version E80.83, starts a process without using quotes in the path. This can cause loading of a previously placed executable with a name similar to the parts of the path, instead of the intended one...

AI score 9.4 | EPSS 0.01191
Exploits 0 | References 1

CVE
added 2019/06/20 4:44 p.m. | 125 views

CVE-2019-8458

Check Point Endpoint Security Client for Windows (Anti-Malware blade) prior to version E81.00 is vulnerable. During a UI-initiated update, the client tries to load a non-existent DLL, which an administrator could exploit to gain code execution within the Check Point signed binary; under certain c...

CVSS 4.4 | AI score 5.2 | EPSS 0.00971
Exploits 0 | References 1 | Affected Software 1

Cvelist
added 2019/06/20 4:44 p.m. | 19 views

CVE-2019-8458

Check Point Endpoint Security Client for Windows, with Anti-Malware blade installed, before version E81.00, tries to load a non-existent DLL during an update initiated by the UI. An attacker with administrator privileges can leverage this to gain code execution within a Check Point Software...

AI score 5.2 | EPSS 0.00971
Exploits 0 | References 1

CheckPoint Security
added 2019/06/18 12:0 a.m. | 39 views

Check Point Response to CVE-2019-11477, CVE-2019-11478, CVE-2019-11479 - TCP SACK PANIC Linux Kernel vulnerabilities

Cause - CVE-2019-11477: The Linux kernel is vulnerable to an integer overflow in the 16-bit width of TCP_SKB_CB(skb)->tcp_gso_segs. A remote attacker could exploit this to crash the system and create a Denial Of Service. CVE-2019-11478: The Linux kernel is vulnerable to a flaw that allows attackers to se...

CVSS 7.8 | AI score 6.7 | EPSS 0.98745
Exploits 4

ThreatPost
added 2019/06/06 2:31 p.m. | 53 views

Streaming Video Fans Open to TV Hijacking

A suite of critical remote code-execution vulnerabilities in a streaming TV platform could expose entire databases of subscribers’ personal info and financial details – and could open the door to attackers hijacking the service, streaming any content they wish to customer screens. According to...

AI score 0.2
Exploits 0 | References 11

The Hacker News
added 2019/06/06 9:54 a.m. | 3 views

Critical Flaws Found in Widely Used IPTV Software for Online Streaming Services

Security researchers have discovered multiple critical vulnerabilities in a popular IPTV middleware platform that is currently being used by more than a thousand regional and international online media streaming services to manage their millions of subscribers. Discovered by security researchers ...

AI score 9.3
Exploits 0

CheckPoint Security
added 2019/05/15 12:0 a.m. | 28 views

Check Point Response to Intel Microarchitectural Data Sampling Vulnerabilities (Fallout, RIDL, Zombieload) (CVE-2018-12126 , CVE-2018-12127, CVE-2018-12130, CVE-2019-11091)

Symptoms - Researchers have released information about several vulnerabilities in Intel processors: Under certain conditions, data in microarchitectural structures that the currently-running software does not have permission to access may be speculatively accessed by faulting or assisting load or...

CVSS 5.6 | AI score 6.5 | EPSS 0.01553
Exploits 0

ThreatPost
added 2019/05/14 12:58 p.m. | 105 views

WhatsApp Zero-Day Exploited in Targeted Spyware Attacks

UPDATE WhatsApp is urging users to update as soon as possible, after a zero-day vulnerability found in its messaging platform was exploited by attackers who were able to inject spyware onto victims’ phones in targeted campaigns. First reported by the Financial Times, the popular messaging app...

CVSS 7.5 | AI score 9.8 | EPSS 0.39166
Exploits 0 | References 16

NVD
added 2019/04/29 4:29 p.m. | 15 views

CVE-2019-8454

A local attacker can create a hard-link between a file to which the Check Point Endpoint Security client for Windows before E80.96 writes and another BAT file, then by impersonating the WPAD server, the attacker can write BAT commands into that file that will later be run by the user or the syste...

CVSS 7 | AI score 6.9 | EPSS 0.00326
Exploits 0 | References 1

Prion
added 2019/04/29 4:29 p.m. | 16 views

Hardcoded credentials

A local attacker can create a hard-link between a file to which the Check Point Endpoint Security client for Windows before E80.96 writes and another BAT file, then by impersonating the WPAD server, the attacker can write BAT commands into that file that will later be run by the user or the syste...

CVSS 6.9 | AI score 6.8 | EPSS 0.00326
Exploits 0 | References 1 | Affected Software 1

HackRead
added 2019/04/29 4:11 p.m. | 39 views

Hackers targeting embassies with trojanized version of TeamViewer

By Ryan De Souza Researchers believe the trojanized version of TeamViewer is being spread by a Russian speaking hacker. The latest report from Check Point reveals that multiple embassies in Europe were targeted with a trojanized version of TeamViewer. The embassies affected in the latest wave of...

AI score 3.6
Exploits 0

Cvelist
added 2019/04/29 3:10 p.m. | 13 views

CVE-2019-8454

A local attacker can create a hard-link between a file to which the Check Point Endpoint Security client for Windows before E80.96 writes and another BAT file, then by impersonating the WPAD server, the attacker can write BAT commands into that file that will later be run by the user or the syste...

AI score 6.9 | EPSS 0.00326
Exploits 0 | References 1

CVE
added 2019/04/29 3:10 p.m. | 52 views

CVE-2019-8454

CVE-2019-8454 concerns the Check Point Endpoint Security client for Windows pre-E80.96. A local attacker can create a hard-link between a file the client writes to and another BAT file, then impersonate the WPAD server to inject BAT commands into that file. Those commands may later execute under ...

CVSS 7 | AI score 6.8 | EPSS 0.00326
Exploits 0 | References 1 | Affected Software 1

NVD
added 2019/04/22 10:29 p.m. | 21 views

CVE-2019-8452

A hard-link created from log file archive of Check Point ZoneAlarm up to 15.4.062 or Check Point Endpoint Security client for Windows before E80.96 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with limited access gain...

CVSS 7.8 | AI score 7.5 | EPSS 0.01038
Exploits 5 | References 3

Prion
added 2019/04/22 10:29 p.m. | 27 views

Hardcoded credentials

A hard-link created from log file archive of Check Point ZoneAlarm up to 15.4.062 or Check Point Endpoint Security client for Windows before E80.96 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with limited access gain...

CVSS 4.6 | AI score 7.5 | EPSS 0.01038
Exploits 5 | References 3 | Affected Software 2

CVE
added 2019/04/22 9:43 p.m. | 114 views

CVE-2019-8452

CVE-2019-8452 describes a local privilege escalation in Check Point ZoneAlarm up to v15.4.062 and Check Point Endpoint Security Client for Windows prior to E80.96. A hard-link created from the log file archive to any file on the system changes the target file’s permissions, allowing access to all...

CVSS 7.8 | AI score 7.4 | EPSS 0.01038
Exploits 5 | References 3 | Affected Software 2

Cvelist
added 2019/04/22 9:43 p.m. | 52 views

CVE-2019-8452

A hard-link created from log file archive of Check Point ZoneAlarm up to 15.4.062 or Check Point Endpoint Security client for Windows before E80.96 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with limited access gain...

AI score 7.5 | EPSS 0.01038
Exploits 5 | References 3

NVD
added 2019/04/17 3:29 p.m. | 20 views

CVE-2019-8453

Some of the DLLs loaded by Check Point ZoneAlarm up to 15.4.062 are taken from directories where all users have write permissions. This can allow a local attacker to replace a DLL file with a malicious one and cause Denial of Service to the client...

CVSS 5.5 | AI score 5.4 | EPSS 0.00321
Exploits 0 | References 2

NVD
added 2019/04/17 3:29 p.m. | 22 views

CVE-2019-8455

A hard-link created from the log file of Check Point ZoneAlarm up to 15.4.062 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with limited access gains the local attacker higher privileges to the file...

CVSS 7.1 | AI score 6.8 | EPSS 0.00392
Exploits 0 | References 2