Check Point ZoneAlarm Extreme Security before 15.8.211.19229 allows local users to escalate privileges. This occurs because of weak permissions for the %PROGRAMDATA%\CheckPoint\ZoneAlarm\Data\Updates directory, and a self-protection driver bypass that allows creation of a junction directory. This can be leveraged to perform an arbitrary file move as NT AUTHORITY\SYSTEM.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2022-09-27T02:17:14
Updated: 2024-08-03T12:49:43.364Z
Reserved: 2022-09-27T00:00:00
Link: CVE-2022-41604
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-09-27T23:15:17.263
Modified: 2024-11-21T07:23:28.600
Link: CVE-2022-41604
Redhat
No data.