CVE-2020-6024 — HIGH (7.8) — White Hats Nepal

Q: How severe is CVE-2020-6024?

CVE-2020-6024 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2020-6024?

Check the references section above for vendor advisories and patch information. Affected products include: Checkpoint Smartconsole.

Vulnerability Description

Check Point SmartConsole before R80.10 Build 185, R80.20 Build 119, R80.30 before Build 94, R80.40 before Build 415, and R81 before Build 548 were vulnerable to a possible local privilege escalation due to running executables from a directory with write access to all authenticated users.

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Checkpoint	Smartconsole	<= r80.10

Related Weaknesses (CWE)

CWE-114 CWE-269

References

https://supportcontent.checkpoint.com/solutions?id=sk142952Vendor Advisory
https://supportcontent.checkpoint.com/solutions?id=sk142952Vendor Advisory

FAQ

What is CVE-2020-6024?

CVE-2020-6024 is a vulnerability with a CVSS score of 7.8 (HIGH). Check Point SmartConsole before R80.10 Build 185, R80.20 Build 119, R80.30 before Build 94, R80.40 before Build 415, and R81 before Build 548 were vulnerable to a possible local privilege escalation d...

How severe is CVE-2020-6024?

CVE-2020-6024 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-6024?

Check the references section above for vendor advisories and patch information. Affected products include: Checkpoint Smartconsole.