CVE-2019-8454: Windows Hard Link in Checkpoint Endpoint Security

Severity: 7.0 HIGH (NVD)
EPSS: 0.0% (top 90.47%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Apr 29; Latest update May 24

Description

A local attacker can create a hard-link between a file to which the Check Point Endpoint Security client for Windows before E80.96 writes and another BAT file, then by impersonating the WPAD server, the attacker can write BAT commands into that file that will later be run by the user or the system.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.0 | Impact: 5.9

Affected Packages: 2 packages

Vulnerability Details (2)

GHSA
GHSA-2jcp-ppp2-c9rv: A local attacker can create a hard-link between a file to which the Check Point Endpoint Security client for Windows before E80 (2022-05-24)
CVEList
CVE-2019-8454: A local attacker can create a hard-link between a file to which the Check Point Endpoint Security client for Windows before E80 (2019-04-29)