![checkpoint endpoint-security]()
CVE-2020-6021 is a vulnerability in Check Point Software Endpoint Security
Published on December 3, 2020
Check Point Endpoint Security Client for Windows before version E84.20 allows write access to the directory from which the installation repair takes place. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a specially crafted DLL in the repair folder which will run with the Endpoint clients privileges.
Weakness Type
What is a DLL preloading Vulnerability?
The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.
CVE-2020-6021 has been classified to as a DLL preloading vulnerability or weakness.
Products Associated with CVE-2020-6021
Want to know whenever a new CVE is published for Check Point Software Endpoint Security? stack.watch will email you.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.