CVE-2018-8790

Summary

Check Point ZoneAlarm version 15.3.064.17729 and below expose a WCF service that can allow a local low privileged user to execute arbitrary code as SYSTEM.

Affected Software

VendorProductVersion RangeStatus
Check Point Software Technologies Ltd.ZoneAlarmprior to version 15.3.064.17729affected

Weaknesses

  • CWE-863: CWE-863: Incorrect Authorization

ADP Enrichment

CVE Program Container

Additional References

References