CVE Vulnerabilities

CVE-2022-23744

Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')

Published: Jul 07, 2022 | Modified: Nov 21, 2024
CVSS 3.x: 2.3 LOW (Source: NVD)
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
CVSS 2.x: 2.1 LOW
AV:L/AC:L/Au:N/C:N/I:N/A:P

Check Point Endpoint before version E86.50 failed to protect against a specific registry change, which allowed a local administrator to disable endpoint protection.

Weakness

The product uses external input with reflection to select which classes or code to use, but it does not sufficiently prevent the input from selecting improper classes or code.

Affected Software

| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Endpoint_security | Checkpoint | e83 (including) | e83 (including) |
| Endpoint_security | Checkpoint | e84 (including) | e84 (including) |
| Endpoint_security | Checkpoint | e85 (including) | e85 (including) |
| Endpoint_security | Checkpoint | e86.10 (including) | e86.10 (including) |
| Endpoint_security | Checkpoint | e86.20 (including) | e86.20 (including) |
| Endpoint_security | Checkpoint | e86.30 (including) | e86.30 (including) |
| Endpoint_security | Checkpoint | e86.40 (including) | e86.40 (including) |
| Harmony_endpoint | Checkpoint | e83 (including) | e83 (including) |
| Harmony_endpoint | Checkpoint | e84 (including) | e84 (including) |
| Harmony_endpoint | Checkpoint | e85 (including) | e85 (including) |
| Harmony_endpoint | Checkpoint | e86.10 (including) | e86.10 (including) |
| Harmony_endpoint | Checkpoint | e86.20 (including) | e86.20 (including) |
| Harmony_endpoint | Checkpoint | e86.30 (including) | e86.30 (including) |
| Harmony_endpoint | Checkpoint | e86.40 (including) | e86.40 (including) |
