Security Advisory

CVE-2022-41604

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-09-27 02:17:14

Last updated 2025-05-22 13:52:43

Assigner mitre

State PUBLISHED

Description

Check Point ZoneAlarm Extreme Security before 15.8.211.19229 allows local users to escalate privileges. This occurs because of weak permissions for the %PROGRAMDATA%CheckPointZoneAlarmDataUpdates directory, and a self-protection driver bypass that allows creation of a junction directory. This can be leveraged to perform an arbitrary file move as NT AUTHORITYSYSTEM.

← Browse all CVEs View on cve.org ↗