Untrusted Search Path Vulnerability in Check Point Endpoint Security Products
CVE-2012-2753

Currently unrated

Key Information:

Vendor: Checkpoint
Status: Remote Access Clients; Endpoint Security; Endpoint Connect; Endpoint Security Vpn
Vendor: CVE Published:; 19 June 2012

Summary

This vulnerability exists within the TrGUI.exe component of Check Point Endpoint Security products, specifically in the Endpoint Connect GUI. Local users can exploit this issue by placing a malicious DLL in the current working directory, enabling unauthorized privilege escalation on affected systems. The flaw allows threat actors to leverage their local access to embed harmful code, posing a serious risk to system integrity and security.

References

http://archives.neohapsis.com/archives/bugtraq/2012-06/00...

mailing-listx_refsource_BUGTRAQ

https://supportcenter.checkpoint.com/supportcenter/portal...

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jun 19, 2012