CVE-2020-6014 - OpenCVE

Check Point Endpoint Security Client for Windows, with Anti-Bot or Threat Emulation blades installed, before version E83.20, tries to load a non-existent DLL during a query for the Domain Name. An attacker with administrator privileges can leverage this to gain code execution within a Check Point Software Technologies signed binary, where under certain circumstances may cause the client to terminate.

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:M/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Checkpoint	Endpoint Security

Configuration 1 [-]

cpe:2.3:a:checkpoint:endpoint_security:*:*:*:*:*:windows:*:*

References

Link	Resource
https://supportcontent.checkpoint.com/solutions?id=sk168081	Release Notes Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: checkpoint

Published: 2020-10-30T14:22:05

Updated: 2020-10-30T14:22:05

Reserved: 2020-01-07T00:00:00

Link: CVE-2020-6014

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-11-02T21:15:34.163

Modified: 2020-11-19T15:55:46.993

Link: CVE-2020-6014

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "Check Point Endpoint Security Client for Windows", "vendor": "n/a", "versions": [{"status": "affected", "version": "before E83.20"}]}], "descriptions": [{"lang": "en", "value": "Check Point Endpoint Security Client for Windows, with Anti-Bot or Threat Emulation blades installed, before version E83.20, tries to load a non-existent DLL during a query for the Domain Name. An attacker with administrator privileges can leverage this to gain code execution within a Check Point Software Technologies signed binary, where under certain circumstances may cause the client to terminate."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-114", "description": "CWE-114: Process Control", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-10-30T14:22:05", "orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "shortName": "checkpoint"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://supportcontent.checkpoint.com/solutions?id=sk168081"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@checkpoint.com", "ID": "CVE-2020-6014", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Check Point Endpoint Security Client for Windows", "version": {"version_data": [{"version_value": "before E83.20"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Check Point Endpoint Security Client for Windows, with Anti-Bot or Threat Emulation blades installed, before version E83.20, tries to load a non-existent DLL during a query for the Domain Name. An attacker with administrator privileges can leverage this to gain code execution within a Check Point Software Technologies signed binary, where under certain circumstances may cause the client to terminate."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-114: Process Control"}]}]}, "references": {"reference_data": [{"name": "https://supportcontent.checkpoint.com/solutions?id=sk168081", "refsource": "MISC", "url": "https://supportcontent.checkpoint.com/solutions?id=sk168081"}]}}}}, "cveMetadata": {"assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "assignerShortName": "checkpoint", "cveId": "CVE-2020-6014", "datePublished": "2020-10-30T14:22:05", "dateReserved": "2020-01-07T00:00:00", "dateUpdated": "2020-10-30T14:22:05", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:checkpoint:endpoint_security:*:*:*:*:*:windows:*:*", "matchCriteriaId": "FD2B7891-9885-4A69-913B-80007F89BF84", "versionEndExcluding": "e83.20", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Check Point Endpoint Security Client for Windows, with Anti-Bot or Threat Emulation blades installed, before version E83.20, tries to load a non-existent DLL during a query for the Domain Name. An attacker with administrator privileges can leverage this to gain code execution within a Check Point Software Technologies signed binary, where under certain circumstances may cause the client to terminate."}, {"lang": "es", "value": "Check Point Endpoint Security Client para Windows, con blades Anti-Bot o Threat Emulation instalados, antes de la versi\u00f3n E83.20, intenta cargar una DLL que no existe durante una consulta para el Domain Name. Un atacante con privilegios de administrador puede aprovechar esto para conseguir una ejecuci\u00f3n de c\u00f3digo dentro de un binario firmado de Check Point Software Technologies, donde bajo determinadas circunstancias puede hacer que el cliente finalice"}], "id": "CVE-2020-6014", "lastModified": "2020-11-19T15:55:46.993", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.6, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-11-02T21:15:34.163", "references": [{"source": "cve@checkpoint.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://supportcontent.checkpoint.com/solutions?id=sk168081"}], "sourceIdentifier": "cve@checkpoint.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-426"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-114"}], "source": "cve@checkpoint.com", "type": "Secondary"}]}