CVE-2021-30360

Users have access to the directory where the installation repair occurs. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a specially crafted EXE in the repair folder which runs with the Check Point Remote Access Client privileges.
Configurations

Configuration 1 (hide)

cpe:2.3:a:checkpoint:endpoint_security:*:*:*:*:*:windows:*:*

History

21 Nov 2024, 06:03

Type Values Removed Values Added
References () https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0001/MNDT-2022-0001.md - Exploit, Third Party Advisory () https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0001/MNDT-2022-0001.md - Exploit, Third Party Advisory
References () https://supportcontent.checkpoint.com/solutions?id=sk176853 - Product, Vendor Advisory () https://supportcontent.checkpoint.com/solutions?id=sk176853 - Product, Vendor Advisory

Information

Published : 2022-01-10 14:10

Updated : 2024-11-21 06:03


NVD link : CVE-2021-30360

Mitre link : CVE-2021-30360

CVE.ORG link : CVE-2021-30360


JSON object : View

Products Affected

checkpoint

  • endpoint_security
CWE
CWE-427

Uncontrolled Search Path Element