CVE-2024-24916 | THREATINT

Description

Untrusted DLLs in the installer's directory may be loaded and executed, leading to potentially arbitrary code execution with the installer's privileges (admin).

PUBLISHED Reserved 2024-02-01 | Published 2025-06-19 | Updated 2025-06-20 | Assigner checkpoint

MEDIUM: 6.5CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

Problem types

The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.

Product status

Check Point SmartConsole versions R81.10, R81.20

affected

References

support.checkpoint.com/results/sk/sk183342

cve.org (CVE-2024-24916)

nvd.nist.gov (CVE-2024-24916)

Download JSON