CVE-2020-6023Untrusted Search Path in Checkpoint Zonealarm

CWE-426Untrusted Search Path3 documents3 sources
Severity
7.8HIGHNVD
EPSS
0.1%
top 79.14%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Checkpoint Zonealarm
Timeline
PublishedOct 27
Latest updateMay 24

Description

Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to escalate privileges while restoring files in Anti-Ransomware.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages1 packages

NVDcheckpoint/zonealarm< 15.8.139.18543

🔴Vulnerability Details

2
GHSA
GHSA-wm8f-hh9v-3whp: Check Point ZoneAlarm before version 152022-05-24
CVEList
CVE-2020-6023: Check Point ZoneAlarm before version 152020-10-27
CVE-2020-6023 — Untrusted Search Path in Checkpoint | cvebase