Back to search
CVE-2020-6021
Published: Dec 3, 2020
Modified: Aug 4, 2024
PUBLISHED
Description
Check Point Endpoint Security Client for Windows before version E84.20 allows write access to the directory from which the installation repair takes place. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a specially crafted DLL in the repair folder which will run with the Endpoint client’s privileges.
| Vendor | Product | Versions |
|---|---|---|
n/a | Check Point Endpoint Security Client for Windows | affected before version E84.20 |
Weaknesses (CWE)
References
https://supportcontent.checkpoint.com/solutions?id=sk170512
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now