Vulnerability: Unauthorized File Replacement in Check Point Endpoint Security Client for Windows

Vulnerability: Unauthorized File Replacement in Check Point Endpoint Security Client for Windows

CVE-2022-23742 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for forensics reports from a directory with low privileges. An attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems or using symbolic links.

Learn more about our Web Application Penetration Testing UK.