CVE-2019-8455
published 2019-04-17CVE-2019-8455: A hard-link created from the log file of Check Point ZoneAlarm up to 15.4.062 to any file on the system will get its permission changed so that all users can…
PriorityP430high7.1CVSS 3.1
AVLACLPRLUINSUCHIHAN
EPSS
0.39%
31.0th percentile
A hard-link created from the log file of Check Point ZoneAlarm up to 15.4.062 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with limited access gains the local attacker higher privileges to the file.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| checkpoint | zonealarm | <= 15.4.062 | — |
CVSS provenance
nvdv3.17.1HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
nvdv2.03.6LOWAV:L/AC:L/Au:N/C:P/I:P/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2019-04-17
Published