PT-2020-18896 · Check Point · Check Point Endpoint Security Client

Published 2020-12-03 · Updated 2021-11-05 · CVE-2020-6021

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Check Point Endpoint Security Client for Windows versions prior to E84.20

Description: The issue allows write access to the directory from which the installation repair takes place. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a specially crafted DLL in the repair folder which will run with the Endpoint client’s privileges.

Recommendations: For versions prior to E84.20, update to version E84.20 or later to resolve the issue. As a temporary workaround, consider restricting access to the installation repair feature to minimize the risk of exploitation.

Fix

Uncontrolled Search Path Element

Weakness Enumeration

Related Identifiers

CVE-2020-6021

Affected Products

Check Point Endpoint Security Client