Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for forensics reports from a directory with low privileges. An attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems or using symbolic links.
References
Link | Resource |
---|---|
https://supportcontent.checkpoint.com/solutions?id=sk178665%2C | |
https://supportcontent.checkpoint.com/solutions?id=sk179132 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: checkpoint
Published: 2022-05-12T19:23:18
Updated: 2022-05-12T19:23:18
Reserved: 2022-01-19T00:00:00
Link: CVE-2022-23742
JSON object: View
NVD Information
Status : Modified
Published: 2022-05-12T20:15:15.383
Modified: 2023-11-07T03:44:18.260
Link: CVE-2022-23742
JSON object: View
Redhat Information
No data.