Privilege Escalation Vulnerability in Check Point ZoneAlarm
CVE-2020-6023

7.8HIGH

Key Information:

Vendor: Checkpoint
Status: Check Point Zonealarm
Vendor: CVE Published:; 27 October 2020

Summary

A vulnerability in Check Point's ZoneAlarm software allows a local actor to escalate privileges when restoring files protected by the Anti-Ransomware feature. This issue affects all versions prior to 15.8.139.18543, potentially enabling unauthorized access to system resources and sensitive data. Users are encouraged to upgrade to the latest version to mitigate this risk.

Affected Version(s)

Check Point ZoneAlarm before 15.8.139.18543

References

https://www.zonealarm.com/software/extreme-security/relea...

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 27, 2020
Vulnerability Reserved
Jan 7, 2020