CVE-2013-5635

Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not properly maintain the state of password failures, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism by entering password guesses within multiple Unlock.exe processes that are running simultaneously.

Published: Nov 30, 2013
Updated: Apr 13, 2023
CVE: CVE-2013-5635
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 3.3
AV:L/AC:M/Au:N/C:P/I:P/A:N

CWEs:

CWE-255

Affected Software
References

Software	From	Fixed in
checkpoint / endpoint_security	e80.40	e80.40.x
checkpoint / endpoint_security	e80.10	e80.10.x
checkpoint / endpoint_security	e80.41	e80.41.x
checkpoint / endpoint_security	e80	e80.x
checkpoint / endpoint_security	e80.50	e80.50.x
checkpoint / endpoint_security	e80.20	e80.20.x
checkpoint / endpoint_security	e80.30	e80.30.x

http://www.digitalsec.net/stuff/explt+advs/CheckPoint_EndPoint_EPM_Explorer.txt
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk96589

Vulnerability Database

289,697

CVE-2013-5635