Check Point Endpoint Connect Insecure Library Loading Vulnerability
RISK: High Risk
TYPE: Security software and application - Security Software & Appliance
A vulnerability has been identified in Check Point EndPoint Connect, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to the application loading certain libraries in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into opening unspecified file types located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code.
Impact
- Remote Code Execution
System / Technologies affected
- Check Point Endpoint Connect 7.x
- Check Point Endpoint Security 7.x
- Check Point Endpoint Security 8.x
- Check Point Remote Access Clients 7.x
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Apply available hotfixes:
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk76480&src=securityAlerts
Vulnerability Identifier
Source
Related Link
Share with