Checkpoint: >> Endpoint Security Clients Security Vulnerabilities
A denial of service vulnerability was reported in Check Point Endpoint Security Client for Windows before E82.10, that could allow service log file to be written to non-standard locations.
CVSS Score
7.5
EPSS Score
0.005
Published
2019-12-23
Check Point Endpoint Security Client for Windows, with Anti-Malware blade installed, before version E81.00, tries to load a non-existent DLL during an update initiated by the UI. An attacker with administrator privileges can leverage this to gain code execution within a Check Point Software Technologies signed binary, where under certain circumstances may cause the client to terminate.
CVSS Score
4.4
EPSS Score
0.005
Published
2019-06-20
Check Point Endpoint Security Client for Windows, with the VPN blade, before version E80.83, starts a process without using quotes in the path. This can cause loading of a previously placed executable with a name similar to the parts of the path, instead of the intended one.
CVSS Score
9.8
EPSS Score
0.005
Published
2019-06-20