VYPR

Endpoint Security

by Checkpoint

CVEs (13)

  • CVE-2022-23742HigMay 12, 2022
    risk 0.51cvss 7.8epss 0.04

    Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for forensics reports from a directory with low privileges. An attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems or…

  • CVE-2019-8452Apr 22, 2019
    risk 0.03cvss epss 0.01

    A hard-link created from log file archive of Check Point ZoneAlarm up to 15.4.062 or Check Point Endpoint Security client for Windows before E80.96 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with…

  • CVE-2023-28133Jul 23, 2023
    risk 0.00cvss epss 0.06

    Local privilege escalation in Check Point Endpoint Security Client (version E87.30) via crafted OpenSSL configuration file

  • CVE-2021-27223Apr 1, 2022
    risk 0.00cvss epss 0.00

    A denial-of-service issue existed in one of modules that was incorporated in Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security. A local user could cause Windows crash by running a specially crafted binary module. The fix was delivered automatically. Credits:…

  • CVE-2020-6021Dec 3, 2020
    risk 0.00cvss epss 0.00

    Check Point Endpoint Security Client for Windows before version E84.20 allows write access to the directory from which the installation repair takes place. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a…

  • CVE-2020-8097Aug 30, 2020
    risk 0.00cvss epss 0.00

    An improper authentication vulnerability in Bitdefender Endpoint Security Tools for Windows and Bitdefender Endpoint Security SDK allows an unprivileged local attacker to escalate privileges or tamper with the product's security settings. This issue affects: Bitdefender Endpoint…

  • CVE-2019-8463Dec 23, 2019
    risk 0.00cvss epss 0.01

    A denial of service vulnerability was reported in Check Point Endpoint Security Client for Windows before E82.10, that could allow service log file to be written to non-standard locations.

  • CVE-2019-8458Jun 20, 2019
    risk 0.00cvss epss 0.01

    Check Point Endpoint Security Client for Windows, with Anti-Malware blade installed, before version E81.00, tries to load a non-existent DLL during an update initiated by the UI. An attacker with administrator privileges can leverage this to gain code execution within a Check…

  • CVE-2019-8454Apr 29, 2019
    risk 0.00cvss epss 0.00

    A local attacker can create a hard-link between a file to which the Check Point Endpoint Security client for Windows before E80.96 writes and another BAT file, then by impersonating the WPAD server, the attacker can write BAT commands into that file that will later be run by the…

  • CVE-2013-5636Nov 30, 2013
    risk 0.00cvss epss 0.00

    Unlock.exe in Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not associate password failures with a device ID, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism by overwriting DVREM.EPM…

  • CVE-2013-5635Nov 30, 2013
    risk 0.00cvss epss 0.00

    Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not properly maintain the state of password failures, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism by entering password guesses within…

  • CVE-2012-2753Jun 19, 2012
    risk 0.00cvss epss 0.00

    Untrusted search path vulnerability in TrGUI.exe in the Endpoint Connect (aka EPC) GUI in Check Point Endpoint Security R73.x and E80.x on the VPN blade platform, Endpoint Security VPN R75, Endpoint Connect R73.x, and Remote Access Clients E75.x allows local users to gain…

  • CVE-2011-1827Oct 5, 2011
    risk 0.00cvss epss 0.05

    Multiple unspecified vulnerabilities in Check Point SSL Network Extender (SNX), SecureWorkSpace, and Endpoint Security On-Demand, as distributed by SecurePlatform, IPSO6, Connectra, and VSX, allow remote attackers to execute arbitrary code via vectors involving a (1) ActiveX…