CVE-2021-30360 — Uncontrolled Search Path Element in Checkpoint Endpoint Security

CWE-427 — Uncontrolled Search Path Element3 documents3 sources

Severity

7.8HIGHNVD

EPSS

0.1%

top 67.98%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Checkpoint Endpoint Security

Timeline

PublishedJan 10

Latest updateJan 11

Description

Users have access to the directory where the installation repair occurs. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a specially crafted EXE in the repair folder which runs with the Check Point Remote Access Client privileges.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages1 packages

▶NVDcheckpoint/endpoint_security< e86.20

🔴Vulnerability Details

GHSA

GHSA-cmxp-9m5v-w2r3: Users have access to the directory where the installation repair occurs↗2022-01-11

▶

CVEList

CVE-2021-30360: Users have access to the directory where the installation repair occurs↗2022-01-07

▶