Lucene search
+L

340 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:44 p.m.9 views

CVE-2020-6012

ZoneAlarm Anti-Ransomware before version 1.0.713 copies files for the report from a directory with low privileges. A sophisticated timed attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems or using symbolic links. This allows an...

7.8CVSS6.5AI score0.00727EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:40 p.m.12 views

CVE-2020-6022

Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to delete arbitrary files while restoring files in Anti-Ransomware...

5.5CVSS6.8AI score0.00306EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 12:39 p.m.7 views

CVE-2010-5184

Race condition in ZoneAlarm Extreme Security 9.1.507.000 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during...

6.2CVSS7AI score0.00291EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:1 a.m.14 views

CVE-2019-8452

A hard-link created from log file archive of Check Point ZoneAlarm up to 15.4.062 or Check Point Endpoint Security client for Windows before E80.96 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with limited access gain...

7.8CVSS6.7AI score0.01038EPSS
Exploits5References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:54 a.m.10 views

CVE-2019-8453

Some of the DLLs loaded by Check Point ZoneAlarm up to 15.4.062 are taken from directories where all users have write permissions. This can allow a local attacker to replace a DLL file with a malicious one and cause Denial of Service to the client...

5.5CVSS6.8AI score0.00321EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:47 a.m.9 views

CVE-2019-8455

A hard-link created from the log file of Check Point ZoneAlarm up to 15.4.062 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with limited access gains the local attacker higher privileges to the file...

7.1CVSS6.7AI score0.00392EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 8:26 p.m.14 views

CVE-2002-1911

ZoneAlarm Pro 3.0 and 3.1, when configured to block all traffic, allows remote attackers to cause a denial of service CPU and memory consumption via a large number of SYN packets SYN flood. NOTE: the vendor was not able to reproduce the issue...

5CVSS7AI score0.03134EPSS
Exploits1References1
HackRead
HackRead
added 2025/03/21 5:35 p.m.10 views

Checkpoint ZoneAlarm Driver Flaw Exposes Users to Credential Theft

Credential theft alert! Venak Security discovers a BYOVD attack using .SYS drivers to bypass Windows security. Learn how…...

7.3AI score
Exploits0
NVD
NVD
added 2024/11/22 8:15 p.m.27 views

CVE-2024-6233

Check Point ZoneAlarm Extreme Security Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Check Point ZoneAlarm Extreme Security. An attacker must first obtain the ability to execute low-privileged...

7.8CVSS0.00398EPSS
Exploits0References1
OSV
OSV
added 2024/11/22 8:15 p.m.5 views

CVE-2024-6233

Check Point ZoneAlarm Extreme Security Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Check Point ZoneAlarm Extreme Security. An attacker must first obtain the ability to execute low-privileged...

7.8CVSS6.2AI score0.00398EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/22 8:5 p.m.10 views

CVE-2024-6233 Check Point ZoneAlarm Extreme Security Link Following Local Privilege Escalation Vulnerability

Check Point ZoneAlarm Extreme Security Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Check Point ZoneAlarm Extreme Security. An attacker must first obtain the ability to execute low-privileged...

7.8CVSS7.8AI score0.00398EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/22 8:5 p.m.26 views

CVE-2024-6233 Check Point ZoneAlarm Extreme Security Link Following Local Privilege Escalation Vulnerability

Check Point ZoneAlarm Extreme Security Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Check Point ZoneAlarm Extreme Security. An attacker must first obtain the ability to execute low-privileged...

7.8CVSS0.00398EPSS
Exploits0References1
CVE
CVE
added 2024/11/22 8:5 p.m.61 views

CVE-2024-6233

CVE-2024-6233 affects Check Point ZoneAlarm Extreme Security, with the vulnerability located in the Forensic Recorder service. By creating a symbolic link, an attacker who already has low-privilege code execution can abuse the service to overwrite arbitrary files, enabling privilege escalation to...

7.8CVSS7.8AI score0.00398EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/11/22 12:0 a.m.4 views

Check Point ZoneAlarm Extreme Security 安全漏洞

Check Point ZoneAlarm Extreme Security is a security antivirus from Check Point, Israel. A security vulnerability exists in Check Point ZoneAlarm Extreme Security that stems from improper handling of symbolic links in the Forensic Recorder service, which could allow a local attacker to overwrite...

7.8CVSS7.8AI score0.00398EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/08/01 12:0 a.m.6 views

The vulnerability of the Forensic Recorder service in the software for comprehensive antivirus protection provided by Check Point’s ZoneAlarm Extreme Security allows a hacker to elevate their privileges and execute arbitrary code within the SYSTEM context.

The vulnerability of the Forensic Recorder service in the Check Point ZoneAlarm Extreme Security software lies in the improper handling of symbolic links before accessing a file. Exploiting this vulnerability allows an attacker to enhance their privileges and execute arbitrary code within the...

7.8CVSS7.6AI score0.00398EPSS
Exploits0References6Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2024/07/31 12:0 a.m.9 views

Check Point ZoneAlarm Extreme Security Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Check Point ZoneAlarm Extreme Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists with...

7.8CVSS7.2AI score0.00398EPSS
Exploits0References1
NVD
NVD
added 2024/04/18 6:15 p.m.15 views

CVE-2024-24910

A local attacker can erscalate privileges on affected Check Point ZoneAlarm ExtremeSecurity NextGen, Identity Agent for Windows, and Identity Agent for Windows Terminal Server. To exploit this vulnerability, an attacker must first obtain the ability to execute local privileged code on the target...

7.3CVSS6.9AI score0.00153EPSS
Exploits0References1
OSV
OSV
added 2024/04/18 6:15 p.m.8 views

CVE-2024-24910

A local attacker can erscalate privileges on affected Check Point ZoneAlarm ExtremeSecurity NextGen, Identity Agent for Windows, and Identity Agent for Windows Terminal Server. To exploit this vulnerability, an attacker must first obtain the ability to execute local privileged code on the target...

7.3CVSS6AI score0.00153EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/18 5:35 p.m.23 views

CVE-2024-24910 LocalprivilegeescalationinCheckPointZoneAlarmExtremeSecurityNextGen,IdentityAgentforWindows,andIdentityAgentforWindowsTerminalServerviacraftedDLLfile

A local attacker can erscalate privileges on affected Check Point ZoneAlarm ExtremeSecurity NextGen, Identity Agent for Windows, and Identity Agent for Windows Terminal Server. To exploit this vulnerability, an attacker must first obtain the ability to execute local privileged code on the target...

7.1AI score0.00153EPSS
Exploits0References1
CVE
CVE
added 2024/04/18 5:35 p.m.78 views

CVE-2024-24910

CVE-2024-24910 describes a local privilege escalation in Check Point ZoneAlarm Extreme Security NextGen, Identity Agent for Windows, and Identity Agent for Windows Terminal Server. Affected components arise from incorrect permission handling for a critical resource, enabling a local attacker who ...

7.3CVSS6.7AI score0.00153EPSS
Exploits0References1Affected Software2
Rows per page
Query Builder