CVE-2020-6014 — Process Control in Checkpoint Endpoint Security

CWE-114 — Process Control CWE-426 — Untrusted Search Path3 documents3 sources

Severity

6.5MEDIUMNVD

EPSS

0.1%

top 70.18%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Checkpoint Endpoint Security Check Point Endpoint Security Client FOR Windows

Timeline

PublishedNov 2

Latest updateMay 24

Description

Check Point Endpoint Security Client for Windows, with Anti-Bot or Threat Emulation blades installed, before version E83.20, tries to load a non-existent DLL during a query for the Domain Name. An attacker with administrator privileges can leverage this to gain code execution within a Check Point Software Technologies signed binary, where under certain circumstances may cause the client to terminate.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:HExploitability: 0.6 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5check_point/check_point_endpoint_security_client_for_windowsbefore E83.20

▶NVDcheckpoint/endpoint_security< e83.20

🔴Vulnerability Details

GHSA

GHSA-5rvw-257c-fpq2: Check Point Endpoint Security Client for Windows, with Anti-Bot or Threat Emulation blades installed, before version E83↗2022-05-24

▶

CVEList

CVE-2020-6014: Check Point Endpoint Security Client for Windows, with Anti-Bot or Threat Emulation blades installed, before version E83↗2020-10-30

▶