QwikSec

Security Database

CVE

CWE

Training

CVE-2021-30360

Published: Jan 7, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

Users have access to the directory where the installation repair occurs. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a specially crafted EXE in the repair folder which runs with the Check Point Remote Access Client privileges.

Vendor	Product	Versions
n/a	Check Point Remote Access Client	affected `before E86.20`

Weaknesses (CWE)

References

https://supportcontent.checkpoint.com/solutions?id=sk176853

x_refsource_MISC

https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0001/MNDT-2022-0001.md

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.