5 advisories tracked · Check Point (cve@checkpoint.com CNA) via NVD · checked automatically every minute
Pick your product and enter the exact software release it runs. We match it against the affected/fixed versions in Check Point's recent advisories.
Check Point (cve@checkpoint.com CNA) via NVD
Check Point is its own CVE Numbering Authority. VulniPulse ingests Check Point's CVEs from the NVD CNA feed (cve@checkpoint.com), each linking to its support.checkpoint.com advisory. Covers Quantum Security Gateway / Spark, the Gaia OS, Quantum Maestro, Harmony Endpoint / Mobile, CloudGuard and the Security Management server — its Quantum VPN/gateways were mass-exploited (CVE-2024-24919), a top network-security target.
Visit Check Point security advisoriesA local user can trigger Harmony SASE Windows client to write or delete files outside the intended certificate working directory.
Log files uploaded during troubleshooting by the Harmony SASE agent may have been accessible to unauthorized parties.
A local privilege escalation vulnerability has been identified in Harmony Endpoint Security Client for Windows versions E88.10 and below. To exploit this vulnerability, an attacker must first obtain the ability to execute local privileged code on the target system.
Local attacker can escalate privileges on affected installations of Check Point Harmony Endpoint/ZoneAlarm Extreme Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The Harmony Browse and the SandBlast Agent for Browsers installers must have admin privileges to execute some steps during the installation. Because the MS Installer allows regular users to repair their installation, an attacker running an installer before 90.08.7405 can start the installation repair and place a specially crafted binary in the repair folder, which runs with the admin privileges.