CVE-2019-8454
HIGHCheck Point Endpoint Security < E80.96 - Local Privilege Escalation via Hard Link and WPAD Impersonation
Title source: llmDescription
A local attacker can create a hard-link between a file to which the Check Point Endpoint Security client for Windows before E80.96 writes and another BAT file, then by impersonating the WPAD server, the attacker can write BAT commands into that file that will later be run by the user or the system.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://supportcenter.us.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk150012
Scores
CVSS v3
7.0
EPSS
0.0033
EPSS Percentile
24.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-59
CWE-65
Status
published
Products (1)
checkpoint/endpoint_security
< e80.96
Published
Apr 29, 2019
Tracked Since
Feb 18, 2026