Vulnerability Description
Check Point Endpoint Security Initial Client for Windows before version E81.30 tries to load a DLL placed in any PATH location on a clean image without Endpoint Client installed. An attacker can leverage this to gain LPE using a specially crafted DLL placed in any PATH location accessible with write permissions to the user.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Checkpoint | Capsule Docs Standalone Client | < e80.20 |
| Checkpoint | Endpoint Security | < e81.30 |
| Checkpoint | Remote Access Clients | < e81.30 |
Related Weaknesses (CWE)
References
- https://safebreach.com/Post/Check-Point-Endpoint-Security-Initial-Client-for-WinExploitThird Party Advisory
- https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsoPatchVendor Advisory
- https://safebreach.com/Post/Check-Point-Endpoint-Security-Initial-Client-for-WinExploitThird Party Advisory
- https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsoPatchVendor Advisory
FAQ
What is CVE-2019-8461?
CVE-2019-8461 is a vulnerability with a CVSS score of 7.8 (HIGH). Check Point Endpoint Security Initial Client for Windows before version E81.30 tries to load a DLL placed in any PATH location on a clean image without Endpoint Client installed. An attacker can lever...
How severe is CVE-2019-8461?
CVE-2019-8461 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-8461?
Check the references section above for vendor advisories and patch information. Affected products include: Checkpoint Capsule Docs Standalone Client, Checkpoint Endpoint Security, Checkpoint Remote Access Clients.