Check Point Endpoint Security Initial Client for Windows before version E81.30 tries to load a DLL placed in any PATH location on a clean image without Endpoint Client installed. An attacker can leverage this to gain LPE using a specially crafted DLL placed in any PATH location accessible with write permissions to the user.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
checkpoint capsule docs standalone client |
||
checkpoint remote access clients |
||
checkpoint endpoint security |