CVE-2022-23742

Name of the Vulnerable Software and Affected Versions Check Point Endpoint Security Client for Windows versions earlier than E86.40

Description The issue is related to incorrect handling of symbolic links before accessing a file, which can allow an attacker to replace arbitrary files in the system and execute arbitrary code. An attacker can exploit this by replacing files with malicious content, such as using symbolic links, in a directory with low privileges where files for forensics reports are copied from.

Recommendations For versions earlier than E86.40, update to version E86.40 or later to resolve the issue. As a temporary workaround, consider restricting access to the directory where files for forensics reports are copied from to minimize the risk of exploitation.