Vulnerability Details CVE-2019-8461
Check Point Endpoint Security Initial Client for Windows before version E81.30 tries to load a DLL placed in any PATH location on a clean image without Endpoint Client installed. An attacker can leverage this to gain LPE using a specially crafted DLL placed in any PATH location accessible with write permissions to the user.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 38.4%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 6.8
References
- https://safebreach.com/Post/Check-Point-Endpoint-Security-Initial-Client-for-Windows-Privilege-Escalation-to-SYSTEM
- https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk160812
- https://safebreach.com/Post/Check-Point-Endpoint-Security-Initial-Client-for-Windows-Privilege-Escalation-to-SYSTEM
- https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk160812
Products affected by CVE-2019-8461
-
cpe:2.3:a:checkpoint:capsule_docs_standalone_client:-
-
cpe:2.3:a:checkpoint:endpoint_security:e80.96
-
cpe:2.3:a:checkpoint:remote_access_clients:e81.00