14 matches found
CVE-2022-23744
Check Point Endpoint Security Client (before version E86.50) is affected by CVE-2022-23744 due to an unprotected registry change that lets a local administrator disable endpoint protection. Root cause: protection logic does not guard against specific registry modifications. Impact: local privileg...
CVE-2019-8461
CVE-2019-8461 – Check Point Endpoint Security Initial Client for Windows is a local privilege escalation vulnerability affecting versions prior to E81.30. The issue arises when the client loads a DLL placed in any PATH location on a clean image without the Endpoint Client installed, allowing an a...
CVE-2022-23742
Affected software: Check Point Endpoint Security Client for Windows (versions earlier than E86.40). Vulnerability details: The EFRService copies forensics report files from a directory with insufficient privileges, allowing a local attacker to replace those files with malicious or linked content,...
CVE-2019-8452
CVE-2019-8452 describes a local privilege escalation in Check Point ZoneAlarm up to v15.4.062 and Check Point Endpoint Security Client for Windows prior to E80.96. A hard-link created from the log file archive to any file on the system changes the target file’s permissions, allowing access to all...
CVE-2012-2753
CVE-2012-2753 involves an untrusted DLL search path vulnerability in Check Point Endpoint Connect VPN components (R73.x/E80.x VPN blade, R75 VPN, R73.x/E80.x Endpoint Connect, E75.x Remote Access Clients). The root cause is insecure library loading: a Trojan horse DLL placed in the current workin...
CVE-2013-5635
Affected software : Media Encryption EPM Explorer in Check Point Endpoint Security (through E80.50). Issue : a weakness in how password failure state is maintained, enabling bypass of the device-lock protection by running multiple Unlock.exe processes concurrently. Impact : local, physically prox...
CVE-2013-5636
The CVE-2013-5636 issue affects Check Point Endpoint Security (E80.50) with Media Encryption EPM Explorer’s Unlock.exe. The root cause is that password failure events are not associated with a device ID, enabling physically proximate attackers to bypass device-lock protection by overwriting DVREM...
CVE-2023-28133
CVE-2023-28133 relates to a local privilege escalation in Check Point Endpoint Security Client (E87.30). The root cause is a flaw involving a crafted OpenSSL configuration file that allows a low-privilege user (Users group) to elevate privileges via affected components (e.g., TracSrvWrapper.exe, ...
CVE-2020-6021
CVE-2020-6021 affects Check Point Endpoint Security Client for Windows prior to version E84.20. The vulnerability arises because the MS Installer repair process runs with the client’s privileges and allows normal users to trigger an installation repair, enabling placement of a crafted DLL in the ...
CVE-2021-30360
The CVE-2021-30360 entry describes a local, privilege-escalation risk tied to Windows Installer repairs. An attacker with local access can trigger a repair process and place a crafted executable in the repair folder, which then runs with the privileges of the Check Point Remote Access Client. CVS...
CVE-2019-8454
CVE-2019-8454 concerns the Check Point Endpoint Security client for Windows pre-E80.96. A local attacker can create a hard-link between a file the client writes to and another BAT file, then impersonate the WPAD server to inject BAT commands into that file. Those commands may later execute under ...
CVE-2023-28134
The CVE-2023-28134 issue affects Check Point Harmony Endpoint / ZoneAlarm Extreme Security. A local attacker who can run low-privilege code can escalate to SYSTEM via the Remediation Service vulnerability. Public fixes are available: Check Point Endpoint Security E87.10 Windows clients and ZoneAl...
CVE-2020-6014
Check Point Endpoint Security Client for Windows (before vE83.20) is affected: loading a non-existent DLL during a Domain Name query can allow an administrator to execute code within a Check Point signed binary, with potential client termination. The vulnerability is described across CVE-2020-601...
CVE-2020-6015
CVE-2020-6015 affects Check Point Endpoint Security for Windows prior to E84.10. The vulnerability is a denial of service that can occur during a clean install of the client and results in the inability to store service log files in non-standard locations. The available connected documents reiter...