CVE-2012-2753

2022-10-0316:15:36

[email protected]

web.nvd.nist.gov

cve-2012-2753

check point endpoint security

epc gui

privilege escalation

vulnerability

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Untrusted search path vulnerability in TrGUI.exe in the Endpoint Connect (aka EPC) GUI in Check Point Endpoint Security R73.x and E80.x on the VPN blade platform, Endpoint Security VPN R75, Endpoint Connect R73.x, and Remote Access Clients E75.x allows local users to gain privileges via a Trojan horse DLL in the current working directory.

Affected configurations

NVD

Node

checkpointendpoint_connectMatchr73

checkpointendpoint_securityMatche80-vpn_blade

checkpointendpoint_securityMatche80.10-vpn_blade

checkpointendpoint_securityMatche80.20-vpn_blade

checkpointendpoint_securityMatche80.30-vpn_blade

checkpointendpoint_securityMatchr73

checkpointendpoint_security_vpnMatchr75

checkpointremote_access_clientsMatche75

checkpointremote_access_clientsMatche75.10

checkpointremote_access_clientsMatche75.20

CPENameOperatorVersion
checkpoint:endpoint_connectcheckpoint endpoint connecteqr73
checkpoint:endpoint_securitycheckpoint endpoint securityeqe80
checkpoint:endpoint_securitycheckpoint endpoint securityeqe80.10
checkpoint:endpoint_securitycheckpoint endpoint securityeqe80.20
checkpoint:endpoint_securitycheckpoint endpoint securityeqe80.30
checkpoint:endpoint_securitycheckpoint endpoint securityeqr73
checkpoint:endpoint_security_vpncheckpoint endpoint security vpneqr75
checkpoint:remote_access_clientscheckpoint remote access clientseqe75
checkpoint:remote_access_clientscheckpoint remote access clientseqe75.10
checkpoint:remote_access_clientscheckpoint remote access clientseqe75.20

CPE	Name	Operator	Version
checkpoint:endpoint_connect	checkpoint endpoint connect	eq	r73
checkpoint:endpoint_security	checkpoint endpoint security	eq	e80
checkpoint:endpoint_security	checkpoint endpoint security	eq	e80.10
checkpoint:endpoint_security	checkpoint endpoint security	eq	e80.20
checkpoint:endpoint_security	checkpoint endpoint security	eq	e80.30
checkpoint:endpoint_security	checkpoint endpoint security	eq	r73
checkpoint:endpoint_security_vpn	checkpoint endpoint security vpn	eq	r75
checkpoint:remote_access_clients	checkpoint remote access clients	eq	e75
checkpoint:remote_access_clients	checkpoint remote access clients	eq	e75.10
checkpoint:remote_access_clients	checkpoint remote access clients	eq	e75.20