Check Point Endpoint Security Client for Windows, with Anti-Bot or Threat Emulation blades installed, before version E83.20, tries to load a non-existent DLL during a query for the Domain Name. An attacker with administrator privileges can leverage this to gain code execution within a Check Point Software Technologies signed binary, where under certain circumstances may cause the client to terminate.
References
Link | Resource |
---|---|
https://supportcontent.checkpoint.com/solutions?id=sk168081 | Release Notes Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: checkpoint
Published: 2020-10-30T14:22:05
Updated: 2020-10-30T14:22:05
Reserved: 2020-01-07T00:00:00
Link: CVE-2020-6014
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-11-02T21:15:34.163
Modified: 2020-11-19T15:55:46.993
Link: CVE-2020-6014
JSON object: View
Redhat Information
No data.