CVE-2019-8458 — Process Control in Checkpoint Endpoint Security Clients

CWE-114 — Process Control3 documents3 sources

Severity

4.4MEDIUMNVD

EPSS

0.5%

top 35.20%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Checkpoint Capsule Docs Checkpoint Endpoint Security Clients Checkpoint Remote Access Clients

Timeline

PublishedJun 20

Latest updateMay 24

Description

Check Point Endpoint Security Client for Windows, with Anti-Malware blade installed, before version E81.00, tries to load a non-existent DLL during an update initiated by the UI. An attacker with administrator privileges can leverage this to gain code execution within a Check Point Software Technologies signed binary, where under certain circumstances may cause the client to terminate.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:HExploitability: 0.7 | Impact: 3.6

Affected Packages3 packages

▶NVDcheckpoint/endpoint_security_clients< e81.00

▶NVDcheckpoint/remote_access_clients< e81.00

▶NVDcheckpoint/capsule_docs< e81.00

🔴Vulnerability Details

GHSA

GHSA-29qx-v4hg-7755: Check Point Endpoint Security Client for Windows, with Anti-Malware blade installed, before version E81↗2022-05-24

▶

CVEList

CVE-2019-8458: Check Point Endpoint Security Client for Windows, with Anti-Malware blade installed, before version E81↗2019-06-20

▶