Device Lock Bypass Vulnerability in Check Point Endpoint Security
CVE-2013-5636

Currently unrated

Key Information:

Vendor: Checkpoint
Status: Endpoint Security
Vendor: CVE Published:; 30 November 2013

Summary

A vulnerability in Check Point Endpoint Security's Media Encryption EPM Explorer allows attackers with physical proximity to exploit the device-locking mechanism. The flaw in the Unlock.exe component means that password failures are not tied to the device ID, enabling adversaries to overwrite sensitive files (DVREM.EPM) after multiple password attempts, leading to potential unauthorized access. Proper security measures and software updates are necessary to mitigate this vulnerability.

References

http://www.digitalsec.net/stuff/explt+advs/CheckPoint_End...

x_refsource_MISC

https://supportcenter.checkpoint.com/supportcenter/portal...

x_refsource_CONFIRM

Timeline

Vulnerability published
Nov 30, 2013
Vulnerability Reserved
Aug 27, 2013