Check Point Endpoint Security Client up to E80.82 VPN Blade unquoted search path

Summaryinfo

A vulnerability has been found in Check Point Endpoint Security Client up to E80.82 and classified as critical. Affected by this issue is some unknown functionality of the component VPN Blade. Performing a manipulation results in unquoted search path. This vulnerability is reported as CVE-2019-8459. The attack requires a local approach. No exploit exists. The affected component should be upgraded.

Detailsinfo

A vulnerability was found in Check Point Endpoint Security Client up to E80.82. It has been classified as critical. This affects an unknown part of the component VPN Blade. The manipulation with an unknown input leads to a unquoted search path vulnerability. CWE is classifying the issue as CWE-428. The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path. This is going to have an impact on confidentiality, integrity, and availability. The summary by CVE is:

Check Point Endpoint Security Client for Windows, with the VPN blade, before version E80.83, starts a process without using quotes in the path. This can cause loading of a previously placed executable with a name similar to the parts of the path, instead of the intended one.

The weakness was disclosed 06/20/2019 (Website). The advisory is shared at supportcenter.checkpoint.com. This vulnerability is uniquely identified as CVE-2019-8459 since 02/18/2019. An attack has to be approached locally. A authentication is necessary for exploitation. Neither technical details nor an exploit are publicly available. MITRE ATT&CK project uses the attack technique T1574.009 for this issue.

Upgrading to version E80.83 eliminates this vulnerability.

The entry VDB-136796 is pretty similar. If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Productinfo

Vendor

• Check Point

Name

• Endpoint Security Client

Version

• E80.0
• E80.1
• E80.2
• E80.3
• E80.4
• E80.5
• E80.6
• E80.7
• E80.8
• E80.9
• E80.10
• E80.11
• E80.12
• E80.13
• E80.14
• E80.15
• E80.16
• E80.17
• E80.18
• E80.19
• E80.20
• E80.21
• E80.22
• E80.23
• E80.24
• E80.25
• E80.26
• E80.27
• E80.28
• E80.29
• E80.30
• E80.31
• E80.32
• E80.33
• E80.34
• E80.35
• E80.36
• E80.37
• E80.38
• E80.39
• E80.40
• E80.41
• E80.42
• E80.43
• E80.44
• E80.45
• E80.46
• E80.47
• E80.48
• E80.49
• E80.50
• E80.51
• E80.52
• E80.53
• E80.54
• E80.55
• E80.56
• E80.57
• E80.58
• E80.59
• E80.60
• E80.61
• E80.62
• E80.63
• E80.64
• E80.65
• E80.66
• E80.67
• E80.68
• E80.69
• E80.70
• E80.71
• E80.72
• E80.73
• E80.74
• E80.75
• E80.76
• E80.77
• E80.78
• E80.79
• E80.80
• E80.81
• E80.82

License

• commercial

Website

• Vendor: https://www.checkpoint.com/

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Discussion