Unrated severityNVD Advisory· Published Sep 27, 2022· Updated May 22, 2025
CVE-2022-41604
CVE-2022-41604
Description
Check Point ZoneAlarm Extreme Security before 15.8.211.19229 allows local users to escalate privileges. This occurs because of weak permissions for the %PROGRAMDATA%\CheckPoint\ZoneAlarm\Data\Updates directory, and a self-protection driver bypass that allows creation of a junction directory. This can be leveraged to perform an arbitrary file move as NT AUTHORITY\SYSTEM.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <15.8.211.19229
Patches
Vulnerability mechanics
References
2- www.infigo.hr/en/insights/39/elevation-of-privilege-in-zonealarm-extreme-security/mitrex_refsource_MISC
- www.zonealarm.com/software/extreme-security/release-historymitrex_refsource_MISC
News mentions
0No linked articles in our index yet.