Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 27/09/2022 Updated: 30/09/2022

CVSS v3 Base Score: 8.8 | Impact Score: 6 | Exploitability Score: 2

VMScore: 0

Check Point ZoneAlarm Extreme Security prior to 15.8.211.19229 allows local users to escalate privileges. This occurs because of weak permissions for the %PROGRAMDATA%\CheckPoint\ZoneAlarm\Data\Updates directory, and a self-protection driver bypass that allows creation of a junction directory. This can be leveraged to perform an arbitrary file move as NT AUTHORITY\SYSTEM.

Vulnerable Product	Search on Vulmon	Subscribe to Product
checkpoint zonealarm

CWE-269 https://www.infigo.hr/en/insights/39/elevation-of-privilege-in-zonealarm-extreme-security/https://github.com/Wh04m1001/ZoneAlarmEoP https://www.zonealarm.com/software/extreme-security/release-history https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2022-41604

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect