Smile On Fridays secured coverage on SC Magazine for Gurucul

Check Point vulnerability allowed hackers to escalate privileges and run code

Check Point Software has patched a flaw found in its Endpoint Security Initial Client software for Windows enabling hackers to escalate privileges and run code.

According to a blog post by Peleg Hadar, security researcher at SafeBreach Labs, the flaw  could be used in order to achieve privilege escalation and persistence by loading an arbitrary unsigned DLL into a service that runs as NT AUTHORITY\SYSTEM.

The software run as a Windows service executed as “NT AUTHORITY\SYSTEM,” which provides it with very powerful permissions, according to Hadar.

See full article

Leave a Reply