DLL Hijacking Vulnerability in Check Point Endpoint Security Initial Client for Windows

DLL Hijacking Vulnerability in Check Point Endpoint Security Initial Client for Windows

CVE-2019-8461 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Check Point Endpoint Security Initial Client for Windows before version E81.30 tries to load a DLL placed in any PATH location on a clean image without Endpoint Client installed. An attacker can leverage this to gain LPE using a specially crafted DLL placed in any PATH location accessible with write permissions to the user.

Learn more about our User Device Pen Test.