CVE-2022-41604
- Reference to the description:
- Description:
- Check Point ZoneAlarm Extreme Security before 15.8.211.19229 allows local users to escalate privileges. This occurs because of weak permissions for the %PROGRAMDATA%\CheckPoint\ZoneAlarm\Data\Updates directory, and a self-protection driver bypass that allows creation of a junction directory. This can be leveraged to perform an arbitrary file move as NT AUTHORITY\SYSTEM.
- Last updated date:
- 09/30/2022
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 09/30/2022
- Reference url to background