PT-2023-3999 · Check Point · Check Point Endpoint Security Client
Published
2023-07-19
·
Updated
2023-08-01
·
CVE-2023-28133
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Check Point Endpoint Security Client version E87.30
Description
The issue is related to a local privilege escalation in Check Point Endpoint Security Client. It is caused by incorrect permission assignment for a critical resource. Exploitation of this issue may allow an attacker to elevate their privileges.
Recommendations
For version E87.30, update to a newer version that contains a fix for this issue. As a temporary workaround, consider restricting access to critical resources to minimize the risk of exploitation.
Fix
Incorrect Permission
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Check Point Endpoint Security Client