Skip to main content

CWE-65

Windows Hard Link

6 CVEs Avg CVSS 7.7 MITRE
0
CRITICAL
6
HIGH
0
MEDIUM
0
LOW
1
POC
0
KEV

Monthly

CVE-2022-23742 HIGH This Week

Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for forensics reports from a directory with low privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Checkpoint Endpoint Security
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2020-6013 HIGH This Week

ZoneAlarm Firewall and Antivirus products before version 15.8.109.18436 allow an attacker who already has access to the system to execute code at elevated privileges through a combination of file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Zonealarm Extreme Security
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2019-19231 HIGH This Week

An insecure file access vulnerability exists in CA Client Automation 14.0, 14.1, 14.2, and 14.3 Agent for Windows that can allow a local attacker to gain escalated privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Ca Client Automation
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2019-8454 HIGH This Week

A local attacker can create a hard-link between a file to which the Check Point Endpoint Security client for Windows before E80.96 writes and another BAT file, then by impersonating the WPAD server,. Rated high severity (CVSS 7.0). No vendor patch available.

Microsoft Information Disclosure Checkpoint Endpoint Security
NVD
CVSS 3.1
7.0
EPSS
0.3%
CVE-2019-8452 HIGH POC This Week

A hard-link created from log file archive of Check Point ZoneAlarm up to 15.4.062 or Check Point Endpoint Security client for Windows before E80.96 to any file on the system will get its permission. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Information Disclosure Checkpoint Endpoint Security Zonealarm
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
1.0%
CVE-2019-8455 HIGH This Week

A hard-link created from the log file of Check Point ZoneAlarm up to 15.4.062 to any file on the system will get its permission changed so that all users can access that linked file. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Checkpoint Zonealarm
NVD
CVSS 3.1
7.1
EPSS
0.4%
EPSS 0% CVSS 7.8
HIGH This Week

Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for forensics reports from a directory with low privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Checkpoint +1
NVD VulDB
EPSS 2% CVSS 8.8
HIGH This Week

ZoneAlarm Firewall and Antivirus products before version 15.8.109.18436 allow an attacker who already has access to the system to execute code at elevated privileges through a combination of file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Zonealarm Extreme Security
NVD
EPSS 1% CVSS 7.8
HIGH This Week

An insecure file access vulnerability exists in CA Client Automation 14.0, 14.1, 14.2, and 14.3 Agent for Windows that can allow a local attacker to gain escalated privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Ca Client Automation
NVD
EPSS 0% CVSS 7.0
HIGH This Week

A local attacker can create a hard-link between a file to which the Check Point Endpoint Security client for Windows before E80.96 writes and another BAT file, then by impersonating the WPAD server,. Rated high severity (CVSS 7.0). No vendor patch available.

Microsoft Information Disclosure Checkpoint +1
NVD
EPSS 1% CVSS 7.8
HIGH POC This Week

A hard-link created from log file archive of Check Point ZoneAlarm up to 15.4.062 or Check Point Endpoint Security client for Windows before E80.96 to any file on the system will get its permission. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Information Disclosure Checkpoint +2
NVD Exploit-DB
EPSS 0% CVSS 7.1
HIGH This Week

A hard-link created from the log file of Check Point ZoneAlarm up to 15.4.062 to any file on the system will get its permission changed so that all users can access that linked file. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Checkpoint Zonealarm
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy