CVE-2019-8461

moderate-risk
Published 2019-08-29

Check Point Endpoint Security Initial Client for Windows before version E81.30 tries to load a DLL placed in any PATH location on a clean image without Endpoint Client installed. An attacker can leverage this to gain LPE using a specially crafted DLL placed in any PATH location accessible with write permissions to the user.

Do I need to act?

-
0.16% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.8/10 High
LOCAL / LOW complexity

Affected Products (3)

Capsule Docs Standalone Client
Endpoint Security
Remote Access Clients

Affected Vendors

Checkpoint

References (4)

Exploit https://safebreach.com/Post/Check-Point-Endpoint-Security-Initial-Client-for-Win...
Patch https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewso...
Exploit https://safebreach.com/Post/Check-Point-Endpoint-Security-Initial-Client-for-Win...
Patch https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewso...
34
/ 100
moderate-risk
Severity 24/34 · High
Exploitability 1/34 · Minimal
Exposure 9/34 · Low