← back
CVE-2021-30360

CVE-2021-30360

EPSS 0.6%CWE-427
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 0.6%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
07 Jan 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Users have access to the directory where the installation repair occurs. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a specially crafted EXE in the repair folder which runs with the Check Point Remote Access Client privileges.
Affected products
n/a · Check Point Remote Access Client

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0001/MNDT-2022-0001.mdhttps://supportcontent.checkpoint.com/solutions?id=sk176853