CVE-2022-41604

by Fred · 26/09/2022

Check Point ZoneAlarm Extreme Security before 15.8.211.19229 allows local users to escalate privileges. This occurs because of weak permissions for the %PROGRAMDATA%CheckPointZoneAlarmDataUpdates directory, and a self-protection driver bypass that allows creation of a junction directory. This can be leveraged to perform an arbitrary file move as NT AUTHORITYSYSTEM.

Date published : 2022-09-26

https://github.com/Wh04m1001/ZoneAlarmEoP

https://www.infigo.hr/en/insights/39/elevation-of-privilege-in-zonealarm-extreme-security/

CVE-2022-41604

Similar

Recent Posts

Categories

CVE-2022-41604

Share this:

Similar

Recent Posts

Categories

Tags