Support Center > Search Results > SecureKnowledge Details
Endpoint Connect (EPC) DLL hijacking vulnerability Technical Level
Symptoms
  • The EPC GUI application (TrGUI.exe) is susceptible to DLL hijacking.
  • If the user does not have Admin privileges, this vulnerability will not lead to elevation of privileges, and therefore is considered of low severity.
  • Vulnerable versions:
    • Endpoint Security VPN R75
    • Remote Access Clients E75.x
    • Endpoint Security R73.x/E80.x (VPN blade)
  • Endpoint Connect R73.x
  • CVE-2012-2753 is reserved for this vulnerability.
  • Hotfix is available.
  • Solution

    Customers should install the following Hotfixes:

    • Security HF for Remote Access Clients E75.20
      • For installation instructions, please refer to the "Upgrade clients to this release" chapter in E75.20 Release Notes
      • Upgrade to this HF from the following versions:
        • Endpoint Security VPN R75
        • Remote Access Clients E75.x
        • Endpoint Connect R73.x 
    • Security HF for E80.32
      • For installation instructions, please refer to the "Deploying Upgraded Clients" chapter in E80.32 Release Notes
      • Upgrade to this HF from Endpoint Security R73.x/E80.x (Upgrade from R73.x should be done first to E80.30, and then this fix can be applied.)

    Credit

    Check Point thanks Moshe Zioni of Comsec Consulting for bringing this issue to our attention in a forthright and professional manner.

    This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.
    This solution is about products that are no longer supported and it will not be updated

    Give us Feedback
    Please rate this document
    [1=Worst,5=Best]
    Comment