QwikSec

Security Database

CVE

CWE

Training

CVE-2019-8458

Published: Jun 20, 2019

Modified: Aug 4, 2024

PUBLISHED

Description

Check Point Endpoint Security Client for Windows, with Anti-Malware blade installed, before version E81.00, tries to load a non-existent DLL during an update initiated by the UI. An attacker with administrator privileges can leverage this to gain code execution within a Check Point Software Technologies signed binary, where under certain circumstances may cause the client to terminate.

Vendor	Product	Versions
Check Point	Check Point Endpoint Security Client for Windows, Anti-Malware blade	affected `before E81.00`

Weaknesses (CWE)

References

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk153053

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.