CVE-2019-8458 - OpenCVE

Check Point Endpoint Security Client for Windows, with Anti-Malware blade installed, before version E81.00, tries to load a non-existent DLL during an update initiated by the UI. An attacker with administrator privileges can leverage this to gain code execution within a Check Point Software Technologies signed binary, where under certain circumstances may cause the client to terminate.

Attack Vector Network

Attack Complexity High

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:M/Au:S/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Checkpoint	Remote Access Clients Endpoint Security Clients Capsule Docs

Configuration 1 [-]

cpe:2.3:a:checkpoint:endpoint_security_clients:*:*:*:*:*:windows:*:*

Configuration 2 [-]

cpe:2.3:a:checkpoint:remote_access_clients:*:*:*:*:*:windows:*:*

Configuration 3 [-]

cpe:2.3:a:checkpoint:capsule_docs:*:*:*:*:*:*:*:*

References

Link	Resource
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk153053	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: checkpoint

Published: 2019-06-20T16:44:33

Updated: 2019-06-20T16:44:33

Reserved: 2019-02-18T00:00:00

Link: CVE-2019-8458

JSON object: View

NVD Information

Status : Analyzed

Published: 2019-06-20T17:15:10.643

Modified: 2020-10-22T17:19:35.187

Link: CVE-2019-8458

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "Check Point Endpoint Security Client for Windows, Anti-Malware blade", "vendor": "Check Point", "versions": [{"status": "affected", "version": "before E81.00"}]}], "descriptions": [{"lang": "en", "value": "Check Point Endpoint Security Client for Windows, with Anti-Malware blade installed, before version E81.00, tries to load a non-existent DLL during an update initiated by the UI. An attacker with administrator privileges can leverage this to gain code execution within a Check Point Software Technologies signed binary, where under certain circumstances may cause the client to terminate."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-114", "description": "CWE-114", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2019-06-20T16:44:33", "orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "shortName": "checkpoint"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk153053"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@checkpoint.com", "ID": "CVE-2019-8458", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Check Point Endpoint Security Client for Windows, Anti-Malware blade", "version": {"version_data": [{"version_value": "before E81.00"}]}}]}, "vendor_name": "Check Point"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Check Point Endpoint Security Client for Windows, with Anti-Malware blade installed, before version E81.00, tries to load a non-existent DLL during an update initiated by the UI. An attacker with administrator privileges can leverage this to gain code execution within a Check Point Software Technologies signed binary, where under certain circumstances may cause the client to terminate."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-114"}]}]}, "references": {"reference_data": [{"name": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk153053", "refsource": "CONFIRM", "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk153053"}]}}}}, "cveMetadata": {"assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "assignerShortName": "checkpoint", "cveId": "CVE-2019-8458", "datePublished": "2019-06-20T16:44:33", "dateReserved": "2019-02-18T00:00:00", "dateUpdated": "2019-06-20T16:44:33", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:checkpoint:endpoint_security_clients:*:*:*:*:*:windows:*:*", "matchCriteriaId": "20B71150-CFB6-4B2F-8E0C-98669FE2879D", "versionEndExcluding": "e81.00", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:checkpoint:remote_access_clients:*:*:*:*:*:windows:*:*", "matchCriteriaId": "55B9134F-F1A6-4E0F-B492-5233455DD32A", "versionEndExcluding": "e81.00", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:checkpoint:capsule_docs:*:*:*:*:*:*:*:*", "matchCriteriaId": "0E8869EF-94AF-4E04-B3BB-2106D31CE922", "versionEndExcluding": "e81.00", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Check Point Endpoint Security Client for Windows, with Anti-Malware blade installed, before version E81.00, tries to load a non-existent DLL during an update initiated by the UI. An attacker with administrator privileges can leverage this to gain code execution within a Check Point Software Technologies signed binary, where under certain circumstances may cause the client to terminate."}, {"lang": "es", "value": "Check Point Endpoint Security Client para Windows, con Anti-Malware blade instalado, anterior a versi\u00f3n E81.00, intenta cargar una DLL inexistente durante una actualizaci\u00f3n iniciada por la interfaz de usuario. Un atacante con privilegios de administrador puede aprovechar esto para conseguir la ejecuci\u00f3n de c\u00f3digo dentro de un binario firmado por Check Point Software Technologies, donde bajo ciertas circunstancias puede hacer que el cliente finalice."}], "id": "CVE-2019-8458", "lastModified": "2020-10-22T17:19:35.187", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 0.7, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-06-20T17:15:10.643", "references": [{"source": "cve@checkpoint.com", "tags": ["Vendor Advisory"], "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk153053"}], "sourceIdentifier": "cve@checkpoint.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-114"}], "source": "cve@checkpoint.com", "type": "Secondary"}]}