What is CVE-2020-6014?

CVE-2020-6014 is a vulnerability in Check Point Endpoint Security Client for Windows that allows an attacker with administrator privileges to gain code execution within a Check Point solution.

What is the severity of CVE-2020-6014?

The severity of CVE-2020-6014 is medium with a CVSS score of 6.5.

How does CVE-2020-6014 affect Check Point Endpoint Security Client for Windows?

CVE-2020-6014 affects Check Point Endpoint Security Client for Windows, specifically versions before E83.20, with Anti-Bot or Threat Emulation blades installed.

How can an attacker exploit CVE-2020-6014?

An attacker with administrator privileges can exploit CVE-2020-6014 by leveraging the loading of a non-existent DLL during a query for the Domain Name in Check Point Endpoint Security Client for Windows.

How can I fix CVE-2020-6014?

To fix CVE-2020-6014, update to version E83.20 or higher of Check Point Endpoint Security Client for Windows.

Vulnerability/
CVE-2020-6014

medium

6.5

CWE

426 114

30/10/2020

4/8/2024

CVE-2020-6014

First published: Fri Oct 30 2020(Updated: )

Check Point Endpoint Security Client for Windows, with Anti-Bot or Threat Emulation blades installed, before version E83.20, tries to load a non-existent DLL during a query for the Domain Name. An attacker with administrator privileges can leverage this to gain code execution within a Check Point Software Technologies signed binary, where under certain circumstances may cause the client to terminate.

Credit: cve@checkpoint.com

Affected Software	Affected Version	How to fix
Checkpoint Endpoint Security	<e83.20

Never miss a vulnerability like this again

Reference Links

https://supportcontent.checkpoint.com/solutions?id=sk168081

Frequently Asked Questions

What is CVE-2020-6014?
CVE-2020-6014 is a vulnerability in Check Point Endpoint Security Client for Windows that allows an attacker with administrator privileges to gain code execution within a Check Point solution.
What is the severity of CVE-2020-6014?
The severity of CVE-2020-6014 is medium with a CVSS score of 6.5.
How does CVE-2020-6014 affect Check Point Endpoint Security Client for Windows?
CVE-2020-6014 affects Check Point Endpoint Security Client for Windows, specifically versions before E83.20, with Anti-Bot or Threat Emulation blades installed.
How can an attacker exploit CVE-2020-6014?
An attacker with administrator privileges can exploit CVE-2020-6014 by leveraging the loading of a non-existent DLL during a query for the Domain Name in Check Point Endpoint Security Client for Windows.
How can I fix CVE-2020-6014?
To fix CVE-2020-6014, update to version E83.20 or higher of Check Point Endpoint Security Client for Windows.

collector/nvd-index
agent/weakness
agent/references
agent/severity
agent/author
agent/description
agent/type
agent/event
agent/softwarecombine
agent/first-publish-date
agent/last-modified-date
agent/tags
collector/mitre-cve
source/MITRE
vendor/checkpoint
canonical/checkpoint endpoint security

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.