PT-2021-12493 · Check Point · Check Point Smartconsole
Published
2021-01-20
·
Updated
2021-02-02
·
CVE-2020-6024
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
Check Point SmartConsole versions prior to R80.10 Build 185
Check Point SmartConsole versions prior to R80.20 Build 119
Check Point SmartConsole versions prior to R80.30 Build 94
Check Point SmartConsole versions prior to R80.40 Build 415
Check Point SmartConsole versions prior to R81 Build 548
Description:
The issue is related to a possible local privilege escalation due to running executables from a directory with write access to all authenticated users.
Recommendations:
For versions prior to R80.10 Build 185, update to R80.10 Build 185 or later.
For versions prior to R80.20 Build 119, update to R80.20 Build 119 or later.
For versions prior to R80.30 Build 94, update to R80.30 Build 94 or later.
For versions prior to R80.40 Build 415, update to R80.40 Build 415 or later.
For versions prior to R81 Build 548, update to R81 Build 548 or later.
Fix
Improper Privilege Management
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Check Point Smartconsole