Privilege Escalation in Check Point ZoneAlarm Extreme Security
CVE-2022-41604

8.8HIGH

Key Information:

Vendor

Checkpoint
Status
Zonealarm
Vendor
CVE Published:
27 September 2022

What is CVE-2022-41604?

A local privilege escalation vulnerability exists in Check Point ZoneAlarm Extreme Security prior to version 15.8.211.19229. This vulnerability stems from inadequate permissions assigned to the %PROGRAMDATA%\CheckPoint\ZoneAlarm\Data\Updates directory. It enables a local attacker to exploit a bypass in the self-protection driver, allowing the creation of a junction directory. Through this exploit, an attacker can move arbitrary files with the privileges of NT AUTHORITY\SYSTEM, potentially leading to unauthorized access and control over sensitive system resources.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.infigo.hr/en/insights/39/elevation-of-privile...
x_refsource_MISC
https://github.com/Wh04m1001/ZoneAlarmEoP
x_refsource_MISC
https://www.zonealarm.com/software/extreme-security/relea...
x_refsource_MISC

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.