7.8

CVE-2024-24916

Untrusted DLLs in the installer's directory may be loaded and executed, leading to potentially arbitrary code execution with the installer's privileges (admin).

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users.
Data is provided by the National Vulnerability Database (NVD)
CheckpointSmartconsole Versionr81.10 Updatebuild400
   MicrosoftWindows Version-
CheckpointSmartconsole Versionr81.10 Updatebuild402
   MicrosoftWindows Version-
CheckpointSmartconsole Versionr81.10 Updatebuild404
   MicrosoftWindows Version-
CheckpointSmartconsole Versionr81.10 Updatebuild406
   MicrosoftWindows Version-
CheckpointSmartconsole Versionr81.10 Updatebuild407
   MicrosoftWindows Version-
CheckpointSmartconsole Versionr81.10 Updatebuild409
   MicrosoftWindows Version-
CheckpointSmartconsole Versionr81.10 Updatebuild410
   MicrosoftWindows Version-
CheckpointSmartconsole Versionr81.10 Updatebuild412
   MicrosoftWindows Version-
CheckpointSmartconsole Versionr81.10 Updatebuild413
   MicrosoftWindows Version-
CheckpointSmartconsole Versionr81.10 Updatebuild414
   MicrosoftWindows Version-
CheckpointSmartconsole Versionr81.10 Updatebuild416
   MicrosoftWindows Version-
CheckpointSmartconsole Versionr81.10 Updatebuild417
   MicrosoftWindows Version-
CheckpointSmartconsole Versionr81.10 Updatebuild418
   MicrosoftWindows Version-
CheckpointSmartconsole Versionr81.10 Updatebuild420
   MicrosoftWindows Version-
CheckpointSmartconsole Versionr81.10 Updatebuild423
   MicrosoftWindows Version-
CheckpointSmartconsole Versionr81.10 Updatebuild424
   MicrosoftWindows Version-
CheckpointSmartconsole Versionr81.10 Updatebuild425
   MicrosoftWindows Version-
CheckpointSmartconsole Versionr81.20 Updatebuild640
   MicrosoftWindows Version-
CheckpointSmartconsole Versionr81.20 Updatebuild641
   MicrosoftWindows Version-
CheckpointSmartconsole Versionr81.20 Updatebuild645
   MicrosoftWindows Version-
CheckpointSmartconsole Versionr81.20 Updatebuild646
   MicrosoftWindows Version-
CheckpointSmartconsole Versionr81.20 Updatebuild649
   MicrosoftWindows Version-
CheckpointSmartconsole Versionr81.20 Updatebuild651
   MicrosoftWindows Version-
CheckpointSmartconsole Versionr81.20 Updatebuild653
   MicrosoftWindows Version-
CheckpointSmartconsole Versionr81.20 Updatebuild654
   MicrosoftWindows Version-
CheckpointSmartconsole Versionr81.20 Updatebuild655
   MicrosoftWindows Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.03% 0.053
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cve@checkpoint.com 6.5 0.6 5.9
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
CWE-427 Uncontrolled Search Path Element

The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.