cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-41604,https://securityvulnerability.io/vulnerability/CVE-2022-41604,Privilege Escalation in Check Point ZoneAlarm Extreme Security,"A local privilege escalation vulnerability exists in Check Point ZoneAlarm Extreme Security prior to version 15.8.211.19229. This vulnerability stems from inadequate permissions assigned to the %PROGRAMDATA%\CheckPoint\ZoneAlarm\Data\Updates directory. It enables a local attacker to exploit a bypass in the self-protection driver, allowing the creation of a junction directory. Through this exploit, an attacker can move arbitrary files with the privileges of NT AUTHORITY\SYSTEM, potentially leading to unauthorized access and control over sensitive system resources.",Checkpoint,Zonealarm,8.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-09-27T02:17:14.000Z,0
CVE-2022-23743,https://securityvulnerability.io/vulnerability/CVE-2022-23743,Privilege Escalation Vulnerability in Check Point ZoneAlarm,"The vulnerability in Check Point ZoneAlarm allows local actors to escalate their privileges during the software upgrade process. This flaw is exacerbated by inadequate permissions in the ProgramData\CheckPoint\ZoneAlarm\Data\Updates directory, enabling attackers to execute arbitrary file writes. Consequently, attackers can gain elevated privileges, allowing them to execute code with local system rights, which can compromise the security of the affected system.",Checkpoint,Zonealarm.,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-05-11T00:00:00.000Z,0
CVE-2020-6023,https://securityvulnerability.io/vulnerability/CVE-2020-6023,Privilege Escalation Vulnerability in Check Point ZoneAlarm,"A vulnerability in Check Point's ZoneAlarm software allows a local actor to escalate privileges when restoring files protected by the Anti-Ransomware feature. This issue affects all versions prior to 15.8.139.18543, potentially enabling unauthorized access to system resources and sensitive data. Users are encouraged to upgrade to the latest version to mitigate this risk.",Checkpoint,Check Point Zonealarm,7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2020-10-27T13:52:57.000Z,0
CVE-2020-6022,https://securityvulnerability.io/vulnerability/CVE-2020-6022,File Deletion Vulnerability in Check Point ZoneAlarm Security Software,A vulnerability in Check Point's ZoneAlarm security software allows a local user to delete arbitrary files during the restoration process in the Anti-Ransomware feature. This flaw poses a significant risk to data integrity and confidentiality as it can be exploited to disrupt normal operations and compromise sensitive information.,Checkpoint,Check Point Zonealarm,5.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2020-10-27T13:50:50.000Z,0
CVE-2020-6012,https://securityvulnerability.io/vulnerability/CVE-2020-6012,Privilege Escalation Vulnerability in ZoneAlarm Anti-Ransomware Software,"ZoneAlarm Anti-Ransomware prior to version 1.0.713 has a vulnerability that enables a local attacker to escalate privileges. This occurs due to the software copying files from a low-privileged directory for reporting purposes. An attacker with timed access can replace these files with malicious content or use symbolic links. This situation can lead to exploitation, particularly on systems that have not been patched for other vulnerabilities like CVE-2020-0896.",Checkpoint,Zonealarm Anti-ransomware,7.4,HIGH,0.0014799999771639705,false,,false,false,false,,,false,false,,2020-08-04T13:35:42.000Z,0
CVE-2020-6013,https://securityvulnerability.io/vulnerability/CVE-2020-6013,Elevated Privilege Vulnerability in ZoneAlarm Firewall and Antivirus,"Certain versions of ZoneAlarm Firewall and Antivirus exhibit a vulnerability that allows an attacker with system access to manipulate file permissions and exploit existing weaknesses (specifically related to Windows vulnerabilities) to execute arbitrary code with elevated permissions on unpatched systems. This poses a significant risk to system integrity, necessitating timely updates and patches to mitigate potential security breaches.",Checkpoint,Check Point Zonealarm,8.8,HIGH,0.0011899999808520079,false,,false,false,false,,,false,false,,2020-07-06T17:54:48.000Z,0
CVE-2019-8453,https://securityvulnerability.io/vulnerability/CVE-2019-8453,DLL Hijacking Vulnerability in Check Point ZoneAlarm,"A vulnerability exists in Check Point ZoneAlarm where some DLLs are loaded from directories with write permissions for all users. This flaw allows local attackers to replace legitimate DLL files with malicious ones, potentially resulting in Denial of Service attacks on the client.",Checkpoint,Check Point Zonealarm,5.5,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2019-04-17T14:06:40.000Z,0
CVE-2019-8455,https://securityvulnerability.io/vulnerability/CVE-2019-8455,File Permission Vulnerability in Check Point ZoneAlarm Software,"An identified flaw in Check Point's ZoneAlarm software creates a hard link from the log file to any file on the system, inadvertently altering that file's permissions. This allows all users to access files that would typically have restricted access. Local attackers can exploit this vulnerability to gain elevated privileges, potentially compromising sensitive information.",Checkpoint,Check Point Zonealarm,7.1,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2019-04-17T14:05:54.000Z,0
CVE-2010-5184,https://securityvulnerability.io/vulnerability/CVE-2010-5184,,"Race condition in ZoneAlarm Extreme Security 9.1.507.000 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute",Checkpoint,Zonealarm Extreme Security,,,0.0004199999966658652,false,,false,false,false,,,false,false,,2012-08-25T21:55:00.000Z,0
CVE-2008-7025,https://securityvulnerability.io/vulnerability/CVE-2008-7025,,"TrueVector in Check Point ZoneAlarm 8.0.020.000, with vsmon.exe running, allows remote HTTP proxies to cause a denial of service (crash) and disable the HIDS module via a crafted response.",Checkpoint,Zonealarm,,,0.0017399999778717756,false,,false,false,false,,,false,false,,2009-08-21T14:00:00.000Z,0
CVE-2008-7009,https://securityvulnerability.io/vulnerability/CVE-2008-7009,,Buffer overflow in multiscan.exe in Check Point ZoneAlarm Security Suite 7.0.483.000 and 8.0.020.000 allows local users to execute arbitrary code via a file or directory with a long path. NOTE: some of these details are obtained from third party information.,Checkpoint,Zonealarm,,,0.0011699999449774623,false,,false,false,false,,,false,false,,2009-08-19T10:00:00.000Z,0
CVE-2007-4216,https://securityvulnerability.io/vulnerability/CVE-2007-4216,,"vsdatant.sys 6.5.737.0 in Check Point Zone Labs ZoneAlarm before 7.0.362 allows local users to gain privileges via a crafted Interrupt Request Packet (Irp) in a METHOD_NEITHER (1) IOCTL 0x8400000F or (2) IOCTL 0x84000013 request, which can be used to overwrite arbitrary memory locations.",Checkpoint,Zonealarm,,,0.0006000000284984708,false,,false,false,false,,,false,false,,2007-08-21T17:00:00.000Z,0
CVE-2007-2730,https://securityvulnerability.io/vulnerability/CVE-2007-2730,,"Check Point ZoneAlarm Pro before 6.5.737.000 does not properly test for equivalence of process identifiers for certain Microsoft Windows API functions in the NT kernel 5.0 and greater, which allows local users to call these functions, and bypass firewall rules or gain privileges, via a modified identifier that is one, two, or three greater than the canonical identifier.",Checkpoint,"Zonealarm,Comodo Firewall Pro,Comodo Personal Firewall",,,0.0004199999966658652,false,,false,false,false,,,false,false,,2007-05-16T22:00:00.000Z,0
CVE-2007-2174,https://securityvulnerability.io/vulnerability/CVE-2007-2174,,The IOCTL handling in srescan.sys in the ZoneAlarm Spyware Removal Engine (SRE) in Check Point ZoneAlarm before 5.0.156.0 allows local users to execute arbitrary code via certain IOCTL lrp parameter addresses.,Checkpoint,Zonealarm,,,0.0004199999966658652,false,,false,false,false,,,false,false,,2007-04-24T16:00:00.000Z,0
CVE-2005-2932,https://securityvulnerability.io/vulnerability/CVE-2005-2932,,"Multiple Check Point Zone Labs ZoneAlarm products before 7.0.362, including ZoneAlarm Security Suite 5.5.062.004 and 6.5.737, use insecure default permissions for critical files, which allows local users to gain privileges or bypass security controls.",Checkpoint,"Zonealarm Security Suite,Zonealarm",,,0.0004199999966658652,false,,false,false,false,,,false,false,,2005-12-31T05:00:00.000Z,0