Unrated severityNVD Advisory· Published Apr 22, 2019· Updated Aug 4, 2024
CVE-2019-8452
CVE-2019-8452
Description
A hard-link created from log file archive of Check Point ZoneAlarm up to 15.4.062 or Check Point Endpoint Security client for Windows before E80.96 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with limited access gains the local attacker higher privileges to the file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- Range: <E80.96
- Range: <=15.4.062
- Check Point ZoneAlarm/Check Point Endpoint Security client for Windowsv5Range: Check Point Endpoint Security client for Windows before E80.96
- Check Point ZoneAlarm/Check Point ZoneAlarmv5Range: Check Point ZoneAlarm up to 15.4.062
Patches
Vulnerability mechanics
References
3- packetstormsecurity.com/files/154754/CheckPoint-Endpoint-Security-Client-ZoneAlarm-Privilege-Escalation.htmlmitrex_refsource_MISC
- supportcenter.us.checkpoint.com/supportcenter/portalmitrex_refsource_CONFIRM
- www.zonealarm.com/software/release-history/zafavfw.htmlmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.