Vulnerabilities > CVE-2019-8458 - Unspecified vulnerability in Checkpoint products

CVSS 4.4 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

HIGH

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

high complexity

checkpoint

NVD

Published: 2019-06-20

Updated: 2020-10-22

Summary

Check Point Endpoint Security Client for Windows, with Anti-Malware blade installed, before version E81.00, tries to load a non-existent DLL during an update initiated by the UI. An attacker with administrator privileges can leverage this to gain code execution within a Check Point Software Technologies signed binary, where under certain circumstances may cause the client to terminate.

Vulnerable Configurations

Part	Description	Count
Application	Checkpoint Checkpoint Endpoint Security Clients - Checkpoint Remote Access Clients * Checkpoint Capsule Docs *	3

References

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk153053