CVE-2021-30359

The Harmony Browse and the SandBlast Agent for Browsers installers must have admin privileges to execute some steps during the installation. Because the MS Installer allows regular users to repair their installation, an attacker running an installer before 90.08.7405 can start the installation repair and place a specially crafted binary in the repair folder, which runs with the admin privileges.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:checkpoint:harmony_browse:*:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:sandblast_agent_for_browsers:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

27 Oct 2021, 14:21

Type Values Removed Values Added
CPE cpe:2.3:a:checkpoint:sandblast_agent_for_browsers:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:harmony_browse:*:*:*:*:*:*:*:*
CWE CWE-427
CVSS v2 : unknown
v3 : unknown
v2 : 7.2
v3 : 7.8
References (MISC) https://github.com/mandiant/Vulnerability-Disclosures/blob/master/MNDT-2021-0007/MNDT-2021-0007.md - (MISC) https://github.com/mandiant/Vulnerability-Disclosures/blob/master/MNDT-2021-0007/MNDT-2021-0007.md - Third Party Advisory
References (MISC) https://supportcontent.checkpoint.com/solutions?id=sk175968 - (MISC) https://supportcontent.checkpoint.com/solutions?id=sk175968 - Vendor Advisory

22 Oct 2021, 16:15

Type Values Removed Values Added
References
  • (MISC) https://github.com/mandiant/Vulnerability-Disclosures/blob/master/MNDT-2021-0007/MNDT-2021-0007.md -

22 Oct 2021, 14:33

Type Values Removed Values Added
New CVE

Information

Published : 2021-10-22 14:15

Updated : 2024-02-04 22:08


NVD link : CVE-2021-30359

Mitre link : CVE-2021-30359

CVE.ORG link : CVE-2021-30359


JSON object : View

Products Affected

microsoft

  • windows

checkpoint

  • sandblast_agent_for_browsers
  • harmony_browse
CWE
CWE-427

Uncontrolled Search Path Element