This issue does not affect most Check Point users. However, it is important to know about because it could be used to elevate privileges on the system. In addition to the above issues, Check Point ZoneAlarm Extreme Security before 15.8.211.19229 has the following other security issues: - In certain circumstances, a user with the 'Administrators' group membership may be able to load and execute arbitrary code on the system. - The Check Point ZoneAlarm Extreme Security before 15.8.211.19229 has a weak permissions for the %PROGRAMDATA%\CheckPoint\ZoneAlarm\Data\Updates directory that allows local users to escalate privileges. - In certain circumstances, a user with the 'Administrators' group membership may be able to load and execute arbitrary code on the system. Also, this user may be able to view or modify any file on the system. - In certain circumstances, a user with the 'Administrators' group membership may be able to load and execute arbitrary code on the system. Also, this user may be able to view or modify any file on the system.

Check Point ZoneAlarm Extreme Security before 16.1.222.20237

Check Point ZoneAlarm Extreme Security before 16.1.222.20237 has the following security issues: - In certain circumstances, a user with the 'Administrators' group membership may be able to load and execute arbitrary code on the system. (CVE-2011-1341) - In certain circumstances, a user with the 'Administrators' group membership may be able to load and execute arbitrary code on the system. (CVE-2014-0610)

Mitigation Strategies

- Install the latest version of ZoneAlarm Extreme Security - Apply the appropriate ZA updates - Delete the %PROGRAMDATA%\CheckPoint\ZoneAlarm\Data\Updates directory from the filesystem.

Timeline

Published on: 09/27/2022 23:15:00 UTC
Last modified on: 09/30/2022 14:59:00 UTC

References