CVE-2013-5635

Name of the Vulnerable Software and Affected Versions Check Point Endpoint Security versions through E80.50

Description The issue arises from the Media Encryption EPM Explorer in Check Point Endpoint Security, which fails to properly maintain the state of password failures. This makes it easier for physically proximate attackers to bypass the device-locking protection mechanism. Attackers can achieve this by entering password guesses within multiple Unlock.exe processes that are running simultaneously.

Recommendations For versions through E80.50, consider disabling the Unlock.exe process until a patch is available to prevent exploitation. Restrict physical access to devices to minimize the risk of attackers bypassing the device-locking protection mechanism.