PT-2019-11145 · Check Point · Check Point Zonealarm

Publicado

2019-03-01

·

Atualizado

2019-10-09

·

CVE-2018-8790

CVSS v3.1

7.8

Alta

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Check Point ZoneAlarm versions 15.3.064.17729 and below
Description: The issue allows a local low privileged user to execute arbitrary code as SYSTEM due to the exposure of a WCF service.
Recommendations: For Check Point ZoneAlarm versions 15.3.064.17729 and below, update to a version above 15.3.064.17729 to resolve the issue.

Correção

Incorrect Authorization

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-863

Identificadores relacionados

CVE-2018-8790

Produtos afetados

Check Point Zonealarm