fkie_cve-2024-24916
Vulnerability from fkie_nvd
Published
2025-06-19 14:15
Modified
2025-09-04 19:01
Severity ?
6.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Untrusted DLLs in the installer's directory may be loaded and executed, leading to potentially arbitrary code execution with the installer's privileges (admin).
References
| URL | Tags | ||
|---|---|---|---|
| cve@checkpoint.com | https://support.checkpoint.com/results/sk/sk183342 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| checkpoint | smartconsole | r81.10 | |
| checkpoint | smartconsole | r81.10 | |
| checkpoint | smartconsole | r81.10 | |
| checkpoint | smartconsole | r81.10 | |
| checkpoint | smartconsole | r81.10 | |
| checkpoint | smartconsole | r81.10 | |
| checkpoint | smartconsole | r81.10 | |
| checkpoint | smartconsole | r81.10 | |
| checkpoint | smartconsole | r81.10 | |
| checkpoint | smartconsole | r81.10 | |
| checkpoint | smartconsole | r81.10 | |
| checkpoint | smartconsole | r81.10 | |
| checkpoint | smartconsole | r81.10 | |
| checkpoint | smartconsole | r81.10 | |
| checkpoint | smartconsole | r81.10 | |
| checkpoint | smartconsole | r81.10 | |
| checkpoint | smartconsole | r81.10 | |
| checkpoint | smartconsole | r81.20 | |
| checkpoint | smartconsole | r81.20 | |
| checkpoint | smartconsole | r81.20 | |
| checkpoint | smartconsole | r81.20 | |
| checkpoint | smartconsole | r81.20 | |
| checkpoint | smartconsole | r81.20 | |
| checkpoint | smartconsole | r81.20 | |
| checkpoint | smartconsole | r81.20 | |
| checkpoint | smartconsole | r81.20 | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build400:*:*:*:*:*:*",
"matchCriteriaId": "4A8D932A-F264-4407-9634-440D4E33FC52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build402:*:*:*:*:*:*",
"matchCriteriaId": "3FD3EF2A-CB25-4ED1-96AB-1D0D6B9EED08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build404:*:*:*:*:*:*",
"matchCriteriaId": "3BF908EF-B678-4360-AA22-FF3A21ADBBD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build406:*:*:*:*:*:*",
"matchCriteriaId": "DEEF7946-C5C5-4E73-ABC7-27EF17406A6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build407:*:*:*:*:*:*",
"matchCriteriaId": "911A64FD-04DA-4302-A18A-628FD0576A04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build409:*:*:*:*:*:*",
"matchCriteriaId": "CB2CF53D-8CA7-484D-830F-85F0403D1F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build410:*:*:*:*:*:*",
"matchCriteriaId": "2334CCE9-1421-41C4-B836-F56E0E461509",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build412:*:*:*:*:*:*",
"matchCriteriaId": "CE76D114-0FB6-4AA1-9DAC-22C365BBC2B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build413:*:*:*:*:*:*",
"matchCriteriaId": "CAC74BAA-CBE9-4E6A-8BC3-EE2BDCC74BF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build414:*:*:*:*:*:*",
"matchCriteriaId": "CF85F114-6640-4F42-A15C-ADD2F62DB111",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build416:*:*:*:*:*:*",
"matchCriteriaId": "943F6057-DE9A-427A-A7E9-DA01C2CE3E51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build417:*:*:*:*:*:*",
"matchCriteriaId": "1DE48E6D-890D-450F-9B5A-C4D85F435D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build418:*:*:*:*:*:*",
"matchCriteriaId": "B4A9E7A3-C2D4-423E-9868-FC24348B03FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build420:*:*:*:*:*:*",
"matchCriteriaId": "BFDD876B-FEDE-40C5-BDC3-42F4625CA8CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build423:*:*:*:*:*:*",
"matchCriteriaId": "21D64A56-7351-4C4C-BAE7-3681979B0617",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build424:*:*:*:*:*:*",
"matchCriteriaId": "2A857B4D-5C07-4943-A378-7F2F24CF25CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.10:build425:*:*:*:*:*:*",
"matchCriteriaId": "604AA11E-76A8-49C7-8E48-9AB327DC2FCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build640:*:*:*:*:*:*",
"matchCriteriaId": "C44125A4-590E-4900-B9AC-792D09FF202C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build641:*:*:*:*:*:*",
"matchCriteriaId": "633F00F4-B992-44C0-8865-F5F104F424A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build645:*:*:*:*:*:*",
"matchCriteriaId": "ACB9BBA7-F7D9-468A-8AF4-70926DB58A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build646:*:*:*:*:*:*",
"matchCriteriaId": "36FCAD19-496B-44F9-98A2-F47CF8BECFC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build649:*:*:*:*:*:*",
"matchCriteriaId": "3B8FB412-D9FF-46FD-81C7-8185FAE8C4C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build651:*:*:*:*:*:*",
"matchCriteriaId": "51B50559-BBFF-4FA1-AC37-A08F12DD6BDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build653:*:*:*:*:*:*",
"matchCriteriaId": "0118CAB6-6FB8-4EA2-A381-5BC9AB897A02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build654:*:*:*:*:*:*",
"matchCriteriaId": "7CE0C48D-EE95-4762-ABA1-7D2F1DFFFC90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:checkpoint:smartconsole:r81.20:build655:*:*:*:*:*:*",
"matchCriteriaId": "B017667C-1FCC-4C2A-A8F1-151E86C8549A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Untrusted DLLs in the installer\u0027s directory may be loaded and executed, leading to potentially arbitrary code execution with the installer\u0027s privileges (admin)."
},
{
"lang": "es",
"value": "Es posible que se carguen y ejecuten DLL no confiables en el directorio del instalador, lo que puede provocar la ejecuci\u00f3n de c\u00f3digo arbitrario con los privilegios del instalador (administrador)."
}
],
"id": "CVE-2024-24916",
"lastModified": "2025-09-04T19:01:30.503",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.6,
"impactScore": 5.9,
"source": "cve@checkpoint.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-06-19T14:15:44.983",
"references": [
{
"source": "cve@checkpoint.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.checkpoint.com/results/sk/sk183342"
}
],
"sourceIdentifier": "cve@checkpoint.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "cve@checkpoint.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…