HIGHπŸ‡΅πŸ‡± Wersja polska

CVE-2020-6024

CVSS 7.8v3.1pub. 2021-01-20upd. 2024-11-21

Check Point SmartConsole before R80.10 Build 185, R80.20 Build 119, R80.30 before Build 94, R80.40 before Build 415, and R81 before Build 548 were vulnerable to a possible local privilege escalation due to running executables from a directory with write access to all authenticated users.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Checkpoint Smartconsole

    APP
    Checkpoint
    r80.20r80.30r80.40r81≀ r80.10
πŸ”΅
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
LPE
CWE
References

Related vulnerabilities

CVE-2024-24915MEDIUM6.1ten sam produkt

Credentials are not cleared from memory after being used. A user with Administrator permissions can execute me...

CVE-2024-24916MEDIUM6.5ten sam produkt

Untrusted DLLs in the installer's directory may be loaded and executed, leading to potentially arbitrary code ...

CVE-2026-50751CRITICAL9.3⚠ KEVPL βœ“ten sam vendor

Auth Bypass w Check Point VPN β€” pominiΔ™cie uwierzytelnienia przez bΕ‚Δ…d IKEv1

CVE-2019-8459CRITICAL9.8ten sam vendor

Check Point Endpoint Security Client for Windows, with the VPN blade, before version E80.83, starts a process ...

CVE-2024-24919HIGH8.6⚠ KEVten sam vendor

Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected t...

CVE-2020-6024 β€” Checkpoint β€” Smartconsole β€” HIGH β€” CVSS 7.8 | CVEbaza.pl