What the vulnerability does

01Description

Users have access to the directory where the installation repair occurs. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a specially crafted EXE in the repair folder which runs with the Check Point Remote Access Client privileges.

Key dates

02Disclosure timeline

January 7, 2022 CVE published
August 3, 2024 Record updated