CVE-2019-8454
N/A
N/A
Summary
A local attacker can create a hard-link between a file to which the Check Point Endpoint Security client for Windows before E80.96 writes and another BAT file, then by impersonating the WPAD server, the attacker can write BAT commands into that file that will later be run by the user or the system.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Check Point | Check Point Endpoint Security client for Windows | before E80.96 | affected |
Weaknesses
- CWE-65: CWE-65,CWE-377
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.