Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for forensics reports from a directory with low privileges. An attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems or using symbolic links.
References
Link | Resource |
---|---|
https://supportcontent.checkpoint.com/solutions?id=sk178665%2C | |
https://supportcontent.checkpoint.com/solutions?id=sk179132 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
07 Nov 2023, 03:44
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2022-05-12 20:15
Updated : 2024-02-28 19:09
NVD link : CVE-2022-23742
Mitre link : CVE-2022-23742
CVE.ORG link : CVE-2022-23742
JSON object : View
Products Affected
checkpoint
- endpoint_security
microsoft
- windows