PT-2013-5704 · Check Point · Check Point Endpoint Security
Published: 2013-11-30 · Updated: 2013-12-02 · CVE-2013-5636
CVSS v2.0: 3.3 (Low)
Vector: AV:L/AC:M/Au:N/C:P/I:P/A:N
Name of the Vulnerable Software and Affected Versions
Check Point Endpoint Security versions through E80.50
Description
Unlock.exe in Media Encryption EPM Explorer does not associate password failures with a device ID. This allows physically proximate attackers to bypass the device-locking protection mechanism: by overwriting DVREM.EPM with a copy of itself after every few password guesses, an attacker makes the protection easier to bypass.
Recommendations
For Check Point Endpoint Security versions through E80.50, as a temporary workaround, consider implementing additional authentication measures or restricting physical access to devices until a patch is available.
Fix
Weakness Enumeration
Related Identifiers
Affected Products
Check Point Endpoint Security