CVE-2022-23742 - Vulnerability Details - OpenCVE

Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for forensics reports from a directory with low privileges. An attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems or using symbolic links.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Checkpoint	Endpoint Security
Microsoft	Windows

Configuration 1 [-]

AND

cpe:2.3:a:checkpoint:endpoint_security:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://supportcontent.checkpoint.com/solutions?id=sk178665%2C
https://supportcontent.checkpoint.com/solutions?id=sk179132

History

No history.

MITRE

Status: PUBLISHED

Assigner: checkpoint

Published: 2022-05-12T19:23:18

Updated: 2024-08-03T03:51:46.018Z

Reserved: 2022-01-19T00:00:00

Link: CVE-2022-23742

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-05-12T20:15:15.383

Modified: 2024-11-21T06:49:13.227

Link: CVE-2022-23742

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Check Point Endpoint Security Client for Windows", "vendor": "n/a", "versions": [{"status": "affected", "version": "before E86.40"}]}], "descriptions": [{"lang": "en", "value": "Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for forensics reports from a directory with low privileges. An attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems or using symbolic links."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-65", "description": "CWE-65: Windows Hard Link", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-05-12T19:23:18", "orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "shortName": "checkpoint"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://supportcontent.checkpoint.com/solutions?id=sk178665%2C"}, {"tags": ["x_refsource_MISC"], "url": "https://supportcontent.checkpoint.com/solutions?id=sk179132"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@checkpoint.com", "ID": "CVE-2022-23742", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Check Point Endpoint Security Client for Windows", "version": {"version_data": [{"version_value": "before E86.40"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for forensics reports from a directory with low privileges. An attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems or using symbolic links."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-65: Windows Hard Link"}]}]}, "references": {"reference_data": [{"name": "https://supportcontent.checkpoint.com/solutions?id=sk178665,", "refsource": "MISC", "url": "https://supportcontent.checkpoint.com/solutions?id=sk178665,"}, {"name": "https://supportcontent.checkpoint.com/solutions?id=sk179132", "refsource": "MISC", "url": "https://supportcontent.checkpoint.com/solutions?id=sk179132"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T03:51:46.018Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://supportcontent.checkpoint.com/solutions?id=sk178665%2C"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://supportcontent.checkpoint.com/solutions?id=sk179132"}]}]}, "cveMetadata": {"assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "assignerShortName": "checkpoint", "cveId": "CVE-2022-23742", "datePublished": "2022-05-12T19:23:18", "dateReserved": "2022-01-19T00:00:00", "dateUpdated": "2024-08-03T03:51:46.018Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:checkpoint:endpoint_security:*:*:*:*:*:*:*:*", "matchCriteriaId": "6F74A067-4F2F-4ECF-B75F-3EF99726F3F4", "versionEndExcluding": "e86.40", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for forensics reports from a directory with low privileges. An attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems or using symbolic links."}, {"lang": "es", "value": "Check Point Endpoint Security Client para Windows versiones anteriores a E86.40, copian archivos para informes forenses desde un directorio con privilegios bajos. Un atacante puede reemplazar esos archivos con contenido malicioso o vinculado, como la explotaci\u00f3n de CVE-2020-0896 en sistemas sin parches o el uso de enlaces simb\u00f3licos"}], "id": "CVE-2022-23742", "lastModified": "2024-11-21T06:49:13.227", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-05-12T20:15:15.383", "references": [{"source": "cve@checkpoint.com", "url": "https://supportcontent.checkpoint.com/solutions?id=sk178665%2C"}, {"source": "cve@checkpoint.com", "tags": ["Vendor Advisory"], "url": "https://supportcontent.checkpoint.com/solutions?id=sk179132"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://supportcontent.checkpoint.com/solutions?id=sk178665%2C"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://supportcontent.checkpoint.com/solutions?id=sk179132"}], "sourceIdentifier": "cve@checkpoint.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-65"}], "source": "cve@checkpoint.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-59"}], "source": "nvd@nist.gov", "type": "Primary"}]}