PT-2020-18889 · Check Point Software Technologies · Check Point Endpoint Security Client For Windows

Published: 2020-10-30 · Updated: 2020-11-19 · CVE-2020-6014

CVSS v3.1: 6.5 (Medium)

Vector: AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Check Point Endpoint Security Client for Windows versions prior to E83.20

Description

The issue arises when the Check Point Endpoint Security Client for Windows, with Anti-Bot or Threat Emulation blades installed, attempts to load a non-existent DLL during a Domain Name query. An attacker with administrator privileges can exploit this to achieve code execution within a Check Point Software Technologies signed binary. Under certain circumstances, this may cause the client to terminate.

Recommendations

For versions prior to E83.20, update to version E83.20 or later to resolve the issue. As a temporary workaround, consider restricting administrator privileges to minimize the risk of exploitation.

Fix

Weakness Enumeration

Untrusted Search Path

Related Identifiers

CVE-2020-6014

Affected Products

Check Point Endpoint Security Client For Windows