File Deletion Vulnerability in Check Point ZoneAlarm Security Software
CVE-2020-6022

5.5MEDIUM

Key Information:

Vendor: Checkpoint
Status: Check Point Zonealarm
Vendor: CVE Published:; 27 October 2020

Summary

A vulnerability in Check Point's ZoneAlarm security software allows a local user to delete arbitrary files during the restoration process in the Anti-Ransomware feature. This flaw poses a significant risk to data integrity and confidentiality as it can be exploited to disrupt normal operations and compromise sensitive information.

Affected Version(s)

Check Point ZoneAlarm before 15.8.139.18543

References

https://www.zonealarm.com/software/extreme-security/relea...

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 27, 2020
Vulnerability Reserved
Jan 7, 2020