Vulnerability Description
The Harmony Browse and SandBlast Agent for Browsers installers must have admin privileges to execute some steps during installation. Because the MS Installer allows regular users to repair their installation, an attacker running an installer before 90.08.7405 can start the installation repair and place a specially crafted binary in the repair folder, which then runs with admin privileges.
CVSS Score
7.8 (HIGH)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Checkpoint | Harmony Browse | < 90.08.7405 |
| Checkpoint | SandBlast Agent for Browsers | < 90.08.7405 |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- https://github.com/mandiant/Vulnerability-Disclosures/blob/master/MNDT-2021-0007 (Third Party Advisory)
- https://supportcontent.checkpoint.com/solutions?id=sk175968 (Vendor Advisory)
FAQ
What is CVE-2021-30359?
CVE-2021-30359 is a vulnerability with a CVSS score of 7.8 (HIGH). The Harmony Browse and the SandBlast Agent for Browsers installers must have admin privileges to execute some steps during the installation. Because the MS Installer allows regular users to repair the...
How severe is CVE-2021-30359?
CVE-2021-30359 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2021-30359?
Check the references section above for vendor advisories and patch information. Affected products include: Checkpoint Harmony Browse, Checkpoint SandBlast Agent for Browsers, Microsoft Windows.