Vulnerability Details CVE-2022-23742
Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for forensics reports from a directory with low privileges. An attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems or using symbolic links.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 26.7%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 4.6
References
Products affected by CVE-2022-23742
-
cpe:2.3:a:checkpoint:endpoint_security:e80
-
cpe:2.3:a:checkpoint:endpoint_security:e80.10
-
cpe:2.3:a:checkpoint:endpoint_security:e80.20
-
cpe:2.3:a:checkpoint:endpoint_security:e80.30
-
cpe:2.3:a:checkpoint:endpoint_security:e80.40
-
cpe:2.3:a:checkpoint:endpoint_security:e80.41
-
cpe:2.3:a:checkpoint:endpoint_security:e80.50
-
cpe:2.3:a:checkpoint:endpoint_security:e80.64
-
cpe:2.3:a:checkpoint:endpoint_security:e80.65
-
cpe:2.3:a:checkpoint:endpoint_security:e80.70
-
cpe:2.3:a:checkpoint:endpoint_security:e80.71
-
cpe:2.3:a:checkpoint:endpoint_security:e80.72
-
cpe:2.3:a:checkpoint:endpoint_security:e80.80
-
cpe:2.3:a:checkpoint:endpoint_security:e80.81
-
cpe:2.3:a:checkpoint:endpoint_security:e80.82
-
cpe:2.3:a:checkpoint:endpoint_security:e80.82.1
-
cpe:2.3:a:checkpoint:endpoint_security:e80.83
-
cpe:2.3:a:checkpoint:endpoint_security:e80.84
-
cpe:2.3:a:checkpoint:endpoint_security:e80.85
-
cpe:2.3:a:checkpoint:endpoint_security:e80.86
-
cpe:2.3:a:checkpoint:endpoint_security:e80.87
-
cpe:2.3:a:checkpoint:endpoint_security:e80.88
-
cpe:2.3:a:checkpoint:endpoint_security:e80.89
-
cpe:2.3:a:checkpoint:endpoint_security:e80.90
-
cpe:2.3:a:checkpoint:endpoint_security:e80.92
-
cpe:2.3:a:checkpoint:endpoint_security:e80.94
-
cpe:2.3:a:checkpoint:endpoint_security:e80.95
-
cpe:2.3:a:checkpoint:endpoint_security:e80.96
-
cpe:2.3:a:checkpoint:endpoint_security:e81.30
-
cpe:2.3:a:checkpoint:endpoint_security:e83
-
cpe:2.3:a:checkpoint:endpoint_security:e83.20
-
cpe:2.3:a:checkpoint:endpoint_security:e84
-
cpe:2.3:a:checkpoint:endpoint_security:e84.10
-
cpe:2.3:a:checkpoint:endpoint_security:e84.20
-
cpe:2.3:a:checkpoint:endpoint_security:e85
-
cpe:2.3:a:checkpoint:endpoint_security:e86
-
cpe:2.3:a:checkpoint:endpoint_security:e86.10
-
cpe:2.3:a:checkpoint:endpoint_security:e86.20
-
cpe:2.3:a:checkpoint:endpoint_security:e86.30
-
cpe:2.3:o:microsoft:windows:-