Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2019-8458

Опубликовано: 20 июн. 2019
Источник: nvd
CVSS3: 4.4
CVSS2: 3.5
EPSS Низкий

Описание

Check Point Endpoint Security Client for Windows, with Anti-Malware blade installed, before version E81.00, tries to load a non-existent DLL during an update initiated by the UI. An attacker with administrator privileges can leverage this to gain code execution within a Check Point Software Technologies signed binary, where under certain circumstances may cause the client to terminate.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:checkpoint:endpoint_security_clients:*:*:*:*:*:windows:*:*
Версия до e81.00 (исключая)
Конфигурация 2
cpe:2.3:a:checkpoint:remote_access_clients:*:*:*:*:*:windows:*:*
Версия до e81.00 (исключая)
Конфигурация 3
cpe:2.3:a:checkpoint:capsule_docs:*:*:*:*:*:*:*:*
Версия до e81.00 (исключая)

EPSS

Процентиль: 65%
0.005
Низкий

4.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-114
NVD-CWE-noinfo

Связанные уязвимости

github логотип

GHSA-29qx-v4hg-7755

github
около 3 лет назад

Check Point Endpoint Security Client for Windows, with Anti-Malware blade installed, before version E81.00, tries to load a non-existent DLL during an update initiated by the UI. An attacker with administrator privileges can leverage this to gain code execution within a Check Point Software Technologies signed binary, where under certain circumstances may cause the client to terminate.

EPSS

Процентиль: 65%
0.005
Низкий

4.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-114
NVD-CWE-noinfo