Smile On Fridays secured coverage on SC Magazine for Gurucul
Check Point vulnerability allowed hackers to escalate privileges and run code
Check Point Software has patched a flaw found in its Endpoint Security Initial Client software for Windows enabling hackers to escalate privileges and run code.
According to a blog post by Peleg Hadar, security researcher at SafeBreach Labs, the flaw could be used in order to achieve privilege escalation and persistence by loading an arbitrary unsigned DLL into a service that runs as NT AUTHORITY\SYSTEM.
The software run as a Windows service executed as “NT AUTHORITY\SYSTEM,” which provides it with very powerful permissions, according to Hadar.