[German]There is a Privilege Escalation vulnerability in the ZoneAlarm software (firewall). Check Point has provided a patch to patch this vulnerability.
Advertising
The Zero-Day-Initiative (ZDI) draws attention to the vulnerability CVE-2020-6013. This vulnerability was discovered on May 20, 2020 and allows local attackers to extend privileges on affected Check Point ZoneAlarm installations. To exploit this vulnerability, an attacker must first gain the ability to execute low privileged code on the target system.
The specific vulnerability exists within the ZoneAlarm service. The issue arises from the lack of proper validation of a user-supplied symbolic link before it is used in file operations. An attacker could exploit this vulnerability to escalate privileges and execute code in the SYSTEM context.
Check Point issued an update on July 7, 2020 to fix this vulnerability. Details can be found in the Check Point Support Center in this article:
Glenn Lloyd working with Trend Micro's Zero Day Initiative for discovering CVE-2020-6013 in Check Point ZoneAlarm Firewall and Antivirus (fixed in ZoneAlarm Extreme Security 15.8.109.18436)
(via)
