Check Point Software Zonealarm Extreme Security
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Check Point Software Zonealarm Extreme Security.
By the Year
In 2026 there have been 0 vulnerabilities in Check Point Software Zonealarm Extreme Security. Zonealarm Extreme Security did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 2 | 7.30 |
| 2023 | 0 | 0.00 |
| 2022 | 1 | 8.80 |
It may take a day or so for new Zonealarm Extreme Security vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Check Point Software Zonealarm Extreme Security Security Vulnerabilities
CVE-2024-6233: LPE via Symlink in Forensic Recorder (ZoneAlarm)
CVE-2024-6233
- November 22, 2024
Check Point ZoneAlarm Extreme Security Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Check Point ZoneAlarm Extreme Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Forensic Recorder service. By creating a symbolic link, an attacker can abuse the service to overwrite arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-21677.
Check Point ZAE NextGen LPE on Windows
CVE-2024-24910
7.3 - High
- April 18, 2024
A local attacker can erscalate privileges on affected Check Point ZoneAlarm ExtremeSecurity NextGen, Identity Agent for Windows, and Identity Agent for Windows Terminal Server. To exploit this vulnerability, an attacker must first obtain the ability to execute local privileged code on the target system.
Incorrect Permission Assignment for Critical Resource
Check Point ZoneAlarm Extreme Security <v15.8.211.19229 Priv Esc via Junction
CVE-2022-41604
8.8 - High
- September 27, 2022
Check Point ZoneAlarm Extreme Security before 15.8.211.19229 allows local users to escalate privileges. This occurs because of weak permissions for the %PROGRAMDATA%\CheckPoint\ZoneAlarm\Data\Updates directory, and a self-protection driver bypass that allows creation of a junction directory. This can be leveraged to perform an arbitrary file move as NT AUTHORITY\SYSTEM.
Improper Privilege Management
Race condition in ZoneAlarm Extreme Security 9.1.507.000 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code
CVE-2010-5184
- August 25, 2012
Race condition in ZoneAlarm Extreme Security 9.1.507.000 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute
Race Condition
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Check Point Software Zonealarm Extreme Security or by Check Point Software? Click the Watch button to subscribe.
