Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
CheckpointEndpoint Security

8 matches found

CVE
CVEadded 2019/08/29 9:15 p.m.105 views

CVE-2019-8461

Check Point Endpoint Security Initial Client for Windows before version E81.30 tries to load a DLL placed in any PATH location on a clean image without Endpoint Client installed. An attacker can leverage this to gain LPE using a specially crafted DLL placed in any PATH location accessible with writ...

7.8CVSS7.7AI score0.00164EPSS
CVE
CVEadded 2022/05/12 8:15 p.m.100 views

CVE-2022-23742

Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for forensics reports from a directory with low privileges. An attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems or using symbolic links.

7.8CVSS7.4AI score0.00354EPSS
CVE
CVEadded 2019/04/22 10:29 p.m.96 views

CVE-2019-8452

A hard-link created from log file archive of Check Point ZoneAlarm up to 15.4.062 or Check Point Endpoint Security client for Windows before E80.96 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with limited access gains ...

7.8CVSS7.4AI score0.00224EPSS
CVE
CVEadded 2023/07/23 10:15 a.m.52 views

CVE-2023-28133

Local privilege escalation in Check Point Endpoint Security Client (version E87.30) via crafted OpenSSL configuration file

7.8CVSS7.7AI score0.01615EPSS
CVE
CVEadded 2020/12/03 2:15 p.m.44 views

CVE-2020-6021

Check Point Endpoint Security Client for Windows before version E84.20 allows write access to the directory from which the installation repair takes place. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a specially crafted D...

7.8CVSS7.5AI score0.00058EPSS
CVE
CVEadded 2019/04/29 4:29 p.m.41 views

CVE-2019-8454

A local attacker can create a hard-link between a file to which the Check Point Endpoint Security client for Windows before E80.96 writes and another BAT file, then by impersonating the WPAD server, the attacker can write BAT commands into that file that will later be run by the user or the system.

7CVSS6.8AI score0.00033EPSS
CVE
CVEadded 2022/01/10 2:10 p.m.38 views

CVE-2021-30360

Users have access to the directory where the installation repair occurs. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a specially crafted EXE in the repair folder which runs with the Check Point Remote Access Client privil...

7.8CVSS7.5AI score0.00044EPSS
CVE
CVEadded 2023/11/12 11:15 p.m.28 views

CVE-2023-28134

Local attacker can escalate privileges on affected installations of Check Point Harmony Endpoint/ZoneAlarm Extreme Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

7.8CVSS7.8AI score0.00043EPSS