CVE-2019-8455
HIGHCheck Point ZoneAlarm < 15.4.062 - Privilege Escalation via Hard Link Attack
Title source: llmDescription
A hard-link created from the log file of Check Point ZoneAlarm up to 15.4.062 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with limited access gains the local attacker higher privileges to the file.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_misc
https://www.zonealarm.com/software/release-history/zafavfw.html#15.4.260.17960
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/108029
Scores
CVSS v3
7.1
EPSS
0.0039
EPSS Percentile
30.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Details
CWE
CWE-59
CWE-65
Status
published
Products (1)
checkpoint/zonealarm
< 15.4.062
Published
Apr 17, 2019
Tracked Since
Feb 18, 2026