Bypassing Device Locking Mechanism in Check Point Endpoint Security
CVE-2013-5635

Currently unrated

Key Information:

Vendor: Checkpoint
Status: Endpoint Security
Vendor: CVE Published:; 30 November 2013

What is CVE-2013-5635?

A vulnerability exists in the Media Encryption EPM Explorer of Check Point Endpoint Security versions up to E80.50, where the system does not properly track password failure attempts. This flaw allows attackers physically near the device to exploit multiple instances of the Unlock.exe process, facilitating unauthorized access by bypassing the device-locking feature intended to protect sensitive information.

References

http://www.digitalsec.net/stuff/explt+advs/CheckPoint_End...

x_refsource_MISC

https://supportcenter.checkpoint.com/supportcenter/portal...

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 30, 2013
Vulnerability Reserved
Aug 27, 2013

Checkpoint

What is CVE-2013-5635?

References

Timeline