FortiClient Vulnerability

Security Vulnerabilities fixed in ZoneAlarm Security 15.4.260.17960

Description

A hard-link created from the log file of Check Point ZoneAlarm up to 15.4.062 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with limited access gains the local attacker higher privileges to the file. Some of the DLLs loaded by Check Point ZoneAlarm up to 15.4.062 are taken from directories where all users have write permissions. This can allow a local attacker to replace a DLL file with a malicious one and cause Denial of Service to the client.

Affected Applications

ZoneAlarm Security

CVE References

CVE-2019-8455 CVE-2019-8453

Other References

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-8455

ID	4509
Created	Sep 07, 2022
Description Updated	Nov 07, 2023
Risk
Coverage	FortiClient
OS	Windows
Vendor	Check Point Software
Patch	manual
Application	ZoneAlarm Security

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

FortiClient Vulnerability

Security Vulnerabilities fixed in ZoneAlarm Security 15.4.260.17960

Description

Affected Applications

CVE References

Other References

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

FortiClient Vulnerability

Security Vulnerabilities fixed in ZoneAlarm Security 15.4.260.17960

Description

Affected Applications

CVE References

Other References

Threat Intelligence
Center