Directory Write Access Vulnerability in Check Point Endpoint Security Client for Windows
CVE-2020-6021
7.8 HIGH
Key Information:
- Vendor: Checkpoint
- CVE Published: 3 December 2020
Summary
The Check Point Endpoint Security Client for Windows prior to version E84.20 contains a vulnerability that permits unauthorized write access to the directory used for installation repairs. Because the Microsoft Installer allows any regular user to initiate a repair process, an attacker may exploit this by placing a maliciously crafted DLL in the repair directory, which then runs with the escalated privileges of the Endpoint Client. This could lead to unauthorized actions being performed on the system, potentially compromising sensitive information and overall system integrity.
Affected Version(s)
Check Point Endpoint Security Client for Windows before version E84.20
CVSS V3.1
- Score: 7.8
- Severity: HIGH
- Confidentiality: High
- Integrity: High
- Availability: High
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: Unchanged
Timeline
Vulnerability published
Vulnerability Reserved