CVE-2013-5636

Unlock.exe in Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not associate password failures with a device ID, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism by overwriting DVREM.EPM with a copy of itself after each few password guesses.

Published: Nov 30, 2013
Updated: Apr 13, 2023
CVE: CVE-2013-5636
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 3.3
AV:L/AC:M/Au:N/C:P/I:P/A:N

CWEs:

CWE-255

Affected Software
References

Software	From	Fixed in
checkpoint / endpoint_security	e80.40	e80.40.x
checkpoint / endpoint_security	e80.10	e80.10.x
checkpoint / endpoint_security	e80.41	e80.41.x
checkpoint / endpoint_security	e80	e80.x
checkpoint / endpoint_security	e80.50	e80.50.x
checkpoint / endpoint_security	e80.20	e80.20.x
checkpoint / endpoint_security	e80.30	e80.30.x

http://www.digitalsec.net/stuff/explt+advs/CheckPoint_EndPoint_EPM_Explorer.txt
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk96589

Vulnerability Database

289,697

CVE-2013-5636