CVE-2021-30359

HIGH

Harmony Browse & SandBlast Agent <90.08.7405 - Privilege Escalation

Title source: llm

Description

The Harmony Browse and the SandBlast Agent for Browsers installers must have admin privileges to execute some steps during the installation. Because the MS Installer allows regular users to repair their installation, an attacker running an installer before 90.08.7405 can start the installation repair and place a specially crafted binary in the repair folder, which runs with the admin privileges.

References (2)

[Third Party Advisory] https://github.com/mandiant/Vulnerability-Disclosures/blob/master/MNDT-2021-0007/MNDT-2021-0007.md

View Writeup ZIP pw:eip

[Vendor Advisory] https://supportcontent.checkpoint.com/solutions?id=sk175968

Scores

CVSS v3 7.8

EPSS 0.0006

EPSS Percentile 18.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-427

Status published

Affected Products (2)

checkpoint/harmony_browse < 90.08.7405

checkpoint/sandblast_agent_for_browsers < 90.08.7405

Timeline

Published Oct 22, 2021

Tracked Since Feb 18, 2026