Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not properly maintain the state of password failures, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism by entering password guesses within multiple Unlock.exe processes that are running simultaneously.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Endpoint_security | Checkpoint | e80 (including) | e80 (including) |
| Endpoint_security | Checkpoint | e80.10 (including) | e80.10 (including) |
| Endpoint_security | Checkpoint | e80.20 (including) | e80.20 (including) |
| Endpoint_security | Checkpoint | e80.30 (including) | e80.30 (including) |
| Endpoint_security | Checkpoint | e80.40 (including) | e80.40 (including) |
| Endpoint_security | Checkpoint | e80.41 (including) | e80.41 (including) |
| Endpoint_security | Checkpoint | e80.50 (including) | e80.50 (including) |
References
- http://www.digitalsec.net/stuff/explt+advs/CheckPoint_EndPoint_EPM_Explorer.txt
- https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk96589
- http://www.digitalsec.net/stuff/explt+advs/CheckPoint_EndPoint_EPM_Explorer.txt
- https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=\u0026solutionid=sk96589