Vulnerability Details : CVE-2019-8461
Check Point Endpoint Security Initial Client for Windows before version E81.30 tries to load a DLL placed in any PATH location on a clean image without Endpoint Client installed. An attacker can leverage this to gain LPE using a specially crafted DLL placed in any PATH location accessible with write permissions to the user.
Published
2019-08-29 21:15:11
Updated
2019-10-09 23:52:28
Vulnerability category: File inclusion
Exploit prediction scoring system (EPSS) score for CVE-2019-8461
Probability of exploitation activity in the next 30 days: 0.10%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 40 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2019-8461
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST |
7.8
|
HIGH | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2019-8461
-
Executing commands or loading libraries from an untrusted source or in an untrusted environment can cause an application to execute malicious commands (and payloads) on behalf of an attacker.Assigned by: cve@checkpoint.com (Secondary)
-
The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.Assigned by: nvd@nist.gov (Primary)
References for CVE-2019-8461
-
https://safebreach.com/Post/Check-Point-Endpoint-Security-Initial-Client-for-Windows-Privilege-Escalation-to-SYSTEM
Check Point Endpoint Security Initial Client for Windows - Privilege Escalation to SYSTEMExploit;Third Party Advisory
-
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk160812
Enterprise Endpoint Security E81.30 Windows ClientsPatch;Vendor Advisory
Products affected by CVE-2019-8461
- cpe:2.3:a:checkpoint:endpoint_security:*:*:*:*:*:windows:*:*
- cpe:2.3:a:checkpoint:remote_access_clients:*:*:*:*:*:windows:*:*
- cpe:2.3:a:checkpoint:capsule_docs_standalone_client:*:*:*:*:*:*:*:*