CVE-2019-8461

Name of the Vulnerable Software and Affected Versions Check Point Endpoint Security Initial Client for Windows versions prior to E81.30

Description The issue is related to an unbounded file upload vulnerability. It may allow a remote attacker to elevate their privileges. An attacker can leverage this to gain local privilege escalation (LPE) using a specially crafted DLL placed in any PATH location accessible with write permissions to the user.

Recommendations For versions prior to E81.30, update to version E81.30 or later to resolve the issue. As a temporary workaround, consider restricting write access to PATH locations to minimize the risk of exploitation.