Vulnerabilities > Checkpoint
|2020-12-03||CVE-2020-6021|| Uncontrolled Search Path Element vulnerability in Checkpoint Endpoint Security E80.96/E83.20/E84.10 |
Check Point Endpoint Security Client for Windows before version E84.20 allows write access to the directory from which the installation repair takes place.
| 4.4 |
|2020-11-05||CVE-2020-6015|| Unspecified vulnerability in Checkpoint Endpoint Security E84.10 |
Check Point Endpoint Security for Windows before E84.10 can reach denial of service during clean install of the client which will prevent the storage of service log files in non-standard locations.
| 2.1 |
|2020-11-02||CVE-2020-6014|| Untrusted Search Path vulnerability in Checkpoint Endpoint Security E80.96 |
Check Point Endpoint Security Client for Windows, with Anti-Bot or Threat Emulation blades installed, before version E83.20, tries to load a non-existent DLL during a query for the Domain Name.
| 4.4 |
|2020-10-27||CVE-2020-6023|| Unspecified vulnerability in Checkpoint Zonealarm |
Check Point ZoneAlarm before version 126.96.36.19943 allows a local actor to escalate privileges while restoring files in Anti-Ransomware.
| 4.6 |
|2020-10-27||CVE-2020-6022|| Unspecified vulnerability in Checkpoint Zonealarm |
Check Point ZoneAlarm before version 188.8.131.5243 allows a local actor to delete arbitrary files while restoring files in Anti-Ransomware.
| 3.6 |
|2020-09-24||CVE-2020-6020|| Improper Input Validation vulnerability in Checkpoint ICA Management Portal R80.20/R80.30/R80.40 |
Check Point Security Management's Internal CA web management before Jumbo HFAs R80.10 Take 278, R80.20 Take 160, R80.30 Take 210, and R80.40 Take 38, can be manipulated to run commands as a high privileged user or crash, due to weak input validation on inputs by a trusted management administrator.
| 7.4 |
|2020-08-04||CVE-2020-6012|| Link Following vulnerability in Checkpoint Zonealarm Anti-Ransomware 1.0.0601/1.0.710 |
ZoneAlarm Anti-Ransomware before version 1.0.713 copies files for the report from a directory with low privileges.
| 4.4 |
|2020-07-06||CVE-2020-6013|| Improper Privilege Management vulnerability in Checkpoint Zonealarm Extreme Security |
ZoneAlarm Firewall and Antivirus products before version 184.108.40.20636 allow an attacker who already has access to the system to execute code at elevated privileges through a combination of file permission manipulation and exploitation of Windows CVE-2020-00896 on unpatched systems.
| 6.5 |
|2019-12-23||CVE-2019-8463|| Link Following vulnerability in Checkpoint Endpoint Security Clients |
A denial of service vulnerability was reported in Check Point Endpoint Security Client for Windows before E82.10, that could allow service log file to be written to non-standard locations.
| 5.0 |
|2019-10-02||CVE-2019-8462|| Improper Handling of Exceptional Conditions vulnerability in Checkpoint Security Gateway R80.30 |
In a rare scenario, Check Point R80.30 Security Gateway before JHF Take 50 managed by Check Point R80.30 Management crashes with a unique configuration of enhanced logging.
| 5.0 |