Privilege Escalation Vulnerability in Check Point Endpoint Security Client for Windows
CVE-2019-8461
7.8 HIGH
Key Information:
- Vendor: Check Point
- CVE Published: 29 August 2019
Summary
The Check Point Endpoint Security Initial Client for Windows before version E81.30 is vulnerable to a privilege escalation attack. The issue arises when the client attempts to load a dynamic-link library (DLL) from any PATH location on a system where the Endpoint Client is not already installed. By placing a specially crafted DLL in a PATH location to which they have write access, an attacker can exploit this design flaw to execute arbitrary code with SYSTEM privileges.
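A defensive check for the condition described above, as an added example that is not part of the original advisory or of Check Point's tooling: this PowerShell script lists machine-wide PATH directories in which a principal other than SYSTEM, Administrators or TrustedInstaller can create files. The trusted-SID list and the choice of the machine PATH (rather than a per-user PATH) are assumptions; adjust them to local policy.

```powershell
# Added example: audit machine PATH directories for write access by
# non-administrative principals (where a planted DLL could be loaded from).
$trustedSids = @(
    'S-1-5-18',      # NT AUTHORITY\SYSTEM
    'S-1-5-32-544',  # BUILTIN\Administrators
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'  # NT SERVICE\TrustedInstaller
)
# WriteData/CreateFiles, ChangePermissions, TakeOwnership, GENERIC_ALL, GENERIC_WRITE
$writeMask = 0x2 -bor 0x40000 -bor 0x80000 -bor 0x10000000 -bor 0x40000000
$sidType   = [System.Security.Principal.SecurityIdentifier]

# Split the machine PATH, expand %VARS%, drop empty entries and duplicates.
$dirs = [Environment]::GetEnvironmentVariable('Path', 'Machine') -split ';' |
    ForEach-Object { [Environment]::ExpandEnvironmentVariables($_.Trim().Trim('"')) } |
    Where-Object { $_ } | Sort-Object -Unique

$findings = foreach ($dir in $dirs) {
    if (-not (Test-Path -LiteralPath $dir -PathType Container)) {
        # A PATH entry that does not exist can be created by whoever can write to its parent.
        [pscustomobject]@{ Path = $dir; Principal = '(n/a)'; Issue = 'Missing directory; review parent ACL' }
        continue
    }
    $acl = Get-Acl -LiteralPath $dir
    foreach ($ace in $acl.GetAccessRules($true, $true, $sidType)) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        # Inherit-only entries do not apply to the directory itself.
        if (([int]$ace.PropagationFlags -band 2) -ne 0) { continue }
        if ($trustedSids -contains $ace.IdentityReference.Value) { continue }
        if (([int]$ace.FileSystemRights -band $writeMask) -eq 0) { continue }
        # Resolve the SID to a name for display; fall back to the raw SID.
        $name = try {
            $ace.IdentityReference.Translate([System.Security.Principal.NTAccount]).Value
        } catch { $ace.IdentityReference.Value }
        [pscustomobject]@{ Path = $dir; Principal = $name; Issue = "Can write: $($ace.FileSystemRights)" }
    }
}

if ($findings) { $findings | Format-Table -AutoSize -Wrap }
else { 'No machine PATH directory is writable by a non-trusted principal.' }
```

Run it from an elevated prompt so that `Get-Acl` can read every directory; any row it prints is a PATH location to tighten or remove.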
Affected Version(s)
Check Point Endpoint Security Initial Client for Windows before version E81.30
CVSS V3.1
- Score: 7.8
- Severity: HIGH
- Confidentiality: High
- Integrity: High
- Availability: High
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
Timeline
Vulnerability published
Vulnerability Reserved