CVE-2019-8458 - OpenCVE

Check Point Endpoint Security Client for Windows, with Anti-Malware blade installed, before version E81.00, tries to load a non-existent DLL during an update initiated by the UI. An attacker with administrator privileges can leverage this to gain code execution within a Check Point Software Technologies signed binary, where under certain circumstances may cause the client to terminate.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:M/Au:S/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Checkpoint	Capsule Docs Endpoint Security Clients Remote Access Clients

Configuration 1 [-]

cpe:2.3:a:checkpoint:endpoint_security_clients:*:*:*:*:*:windows:*:*

Configuration 2 [-]

cpe:2.3:a:checkpoint:remote_access_clients:*:*:*:*:*:windows:*:*

Configuration 3 [-]

cpe:2.3:a:checkpoint:capsule_docs:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk153053

History

No history.

MITRE

Status: PUBLISHED

Assigner: checkpoint

Published: 2019-06-20T16:44:33

Updated: 2024-08-04T21:17:31.415Z

Reserved: 2019-02-18T00:00:00

Link: CVE-2019-8458

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2019-06-20T17:15:10.643

Modified: 2020-10-22T17:19:35.187

Link: CVE-2019-8458

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Check Point Endpoint Security Client for Windows, Anti-Malware blade", "vendor": "Check Point", "versions": [{"status": "affected", "version": "before E81.00"}]}], "descriptions": [{"lang": "en", "value": "Check Point Endpoint Security Client for Windows, with Anti-Malware blade installed, before version E81.00, tries to load a non-existent DLL during an update initiated by the UI. An attacker with administrator privileges can leverage this to gain code execution within a Check Point Software Technologies signed binary, where under certain circumstances may cause the client to terminate."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-114", "description": "CWE-114", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2019-06-20T16:44:33", "orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "shortName": "checkpoint"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk153053"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@checkpoint.com", "ID": "CVE-2019-8458", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Check Point Endpoint Security Client for Windows, Anti-Malware blade", "version": {"version_data": [{"version_value": "before E81.00"}]}}]}, "vendor_name": "Check Point"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Check Point Endpoint Security Client for Windows, with Anti-Malware blade installed, before version E81.00, tries to load a non-existent DLL during an update initiated by the UI. An attacker with administrator privileges can leverage this to gain code execution within a Check Point Software Technologies signed binary, where under certain circumstances may cause the client to terminate."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-114"}]}]}, "references": {"reference_data": [{"name": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk153053", "refsource": "CONFIRM", "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk153053"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T21:17:31.415Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk153053"}]}]}, "cveMetadata": {"assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "assignerShortName": "checkpoint", "cveId": "CVE-2019-8458", "datePublished": "2019-06-20T16:44:33", "dateReserved": "2019-02-18T00:00:00", "dateUpdated": "2024-08-04T21:17:31.415Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:checkpoint:endpoint_security_clients:*:*:*:*:*:windows:*:*", "matchCriteriaId": "20B71150-CFB6-4B2F-8E0C-98669FE2879D", "versionEndExcluding": "e81.00", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:checkpoint:remote_access_clients:*:*:*:*:*:windows:*:*", "matchCriteriaId": "55B9134F-F1A6-4E0F-B492-5233455DD32A", "versionEndExcluding": "e81.00", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:checkpoint:capsule_docs:*:*:*:*:*:*:*:*", "matchCriteriaId": "0E8869EF-94AF-4E04-B3BB-2106D31CE922", "versionEndExcluding": "e81.00", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Check Point Endpoint Security Client for Windows, with Anti-Malware blade installed, before version E81.00, tries to load a non-existent DLL during an update initiated by the UI. An attacker with administrator privileges can leverage this to gain code execution within a Check Point Software Technologies signed binary, where under certain circumstances may cause the client to terminate."}, {"lang": "es", "value": "Check Point Endpoint Security Client para Windows, con Anti-Malware blade instalado, anterior a versi\u00f3n E81.00, intenta cargar una DLL inexistente durante una actualizaci\u00f3n iniciada por la interfaz de usuario. Un atacante con privilegios de administrador puede aprovechar esto para conseguir la ejecuci\u00f3n de c\u00f3digo dentro de un binario firmado por Check Point Software Technologies, donde bajo ciertas circunstancias puede hacer que el cliente finalice."}], "id": "CVE-2019-8458", "lastModified": "2020-10-22T17:19:35.187", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 0.7, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-06-20T17:15:10.643", "references": [{"source": "cve@checkpoint.com", "tags": ["Vendor Advisory"], "url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk153053"}], "sourceIdentifier": "cve@checkpoint.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-114"}], "source": "cve@checkpoint.com", "type": "Secondary"}]}