Check Point ZoneAlarm Extreme Security Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Check Point ZoneAlarm Extreme Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Forensic Recorder service. By creating a symbolic link, an attacker can abuse the service to overwrite arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-21677.
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HCheckpoint Zonealarm Extreme Security Nextgen
APPCheckpoint4.0.148
Related vulnerabilities
A local attacker can erscalate privileges on affected Check Point ZoneAlarm ExtremeSecurity NextGen, Identity ...
Auth Bypass w Check Point VPN — pominięcie uwierzytelnienia przez błąd IKEv1
Check Point Endpoint Security Client for Windows, with the VPN blade, before version E80.83, starts a process ...
Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected t...
Log files uploaded during troubleshooting by the Harmony SASE agent may have been accessible to unauthorized p...