Vulnerabilities > Checkpoint > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-22 | CVE-2021-30359 | Uncontrolled Search Path Element vulnerability in Checkpoint Harmony Browse and Sandblast Agent for Browsers The Harmony Browse and the SandBlast Agent for Browsers installers must have admin privileges to execute some steps during the installation. | 7.8 |
| 2021-10-19 | CVE-2021-30358 | OS Command Injection vulnerability in Checkpoint Mobile Access Portal Agent Mobile Access Portal Native Applications who's path is defined by the administrator with environment variables may run applications from other locations by the Mobile Access Portal Agent. | 7.2 |
| 2021-04-22 | CVE-2021-30356 | Unspecified vulnerability in Checkpoint Identity Agent A denial of service vulnerability was reported in Check Point Identity Agent before R81.018.0000, which could allow low privileged users to overwrite protected system files. | 8.1 |
| 2021-01-20 | CVE-2020-6024 | Improper Privilege Management vulnerability in Checkpoint Smartconsole Check Point SmartConsole before R80.10 Build 185, R80.20 Build 119, R80.30 before Build 94, R80.40 before Build 415, and R81 before Build 548 were vulnerable to a possible local privilege escalation due to running executables from a directory with write access to all authenticated users. | 7.8 |
| 2020-12-03 | CVE-2020-6021 | Uncontrolled Search Path Element vulnerability in Checkpoint Endpoint Security Check Point Endpoint Security Client for Windows before version E84.20 allows write access to the directory from which the installation repair takes place. | 7.8 |
| 2020-10-27 | CVE-2020-6023 | Unspecified vulnerability in Checkpoint Zonealarm Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to escalate privileges while restoring files in Anti-Ransomware. | 7.8 |
| 2020-08-04 | CVE-2020-6012 | Link Following vulnerability in Checkpoint Zonealarm Anti-Ransomware 1.0.0601/1.0.710 ZoneAlarm Anti-Ransomware before version 1.0.713 copies files for the report from a directory with low privileges. | 7.4 |
| 2020-07-06 | CVE-2020-6013 | Improper Privilege Management vulnerability in Checkpoint Zonealarm Extreme Security ZoneAlarm Firewall and Antivirus products before version 15.8.109.18436 allow an attacker who already has access to the system to execute code at elevated privileges through a combination of file permission manipulation and exploitation of Windows CVE-2020-00896 on unpatched systems. | 8.8 |
| 2019-12-23 | CVE-2019-8463 | Link Following vulnerability in Checkpoint Endpoint Security Clients E81.00 A denial of service vulnerability was reported in Check Point Endpoint Security Client for Windows before E82.10, that could allow service log file to be written to non-standard locations. | 7.5 |
| 2019-10-02 | CVE-2019-8462 | Improper Handling of Exceptional Conditions vulnerability in Checkpoint Security Gateway R80.30 In a rare scenario, Check Point R80.30 Security Gateway before JHF Take 50 managed by Check Point R80.30 Management crashes with a unique configuration of enhanced logging. | 7.5 |