![]() ![]() ![]() In this post, we describe the vulnerability we found in the Check Point Endpoint Security Initial Client software for Windows. Some parts of the software run as a Windows service executed as “NT AUTHORITY\SYSTEM,” which provides it with very powerful permissions. Check Point Endpoint SecurityĬheck Point Endpoint Security includes data security, network security, advanced threat prevention, forensics, and remote access VPN solutions. In this post, we will demonstrate how this vulnerability could be used in order to achieve privilege escalation and persistence by loading an arbitrary unsigned DLL into a service that runs as NT AUTHORITY\SYSTEM. SafeBreach Labs discovered a new vulnerability in Check Point Endpoint Security Initial Client software for Windows.
0 Comments
Leave a Reply. |