CVE-2022-23743

Published: May 11, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

Check Point ZoneAlarm before version 15.8.200.19118 allows a local actor to escalate privileges during the upgrade process. In addition, weak permissions in the ProgramData\CheckPoint\ZoneAlarm\Data\Updates directory allow a local attacker the ability to execute an arbitrary file write, leading to execution of code as local system, in ZoneAlarm versions before v15.8.211.192119

Vendor	Product	Versions
n/a	ZoneAlarm.	affected `before v15.8.211.192119`

Weaknesses (CWE)

CWE-269

References

https://www.zonealarm.com/software/extreme-security/release-history

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-23743

Description

Affected Products

Weaknesses (CWE)

References