Strix
26.1K

CVE-2005-4093

UnknownEPSS 3.15%

Last modified

CVE-2005-4093 is a vulnerability of currently unknown severity. Check Point VPN-1 SecureClient NG with Application Intelligence R56, NG FP1, 4.0, and 4.1 allows remote attackers to bypass security policies by modifying the local copy of the local.scv policy file after it has been downloaded from the VPN Endpoint.. EPSS estimates a 3.15% chance of exploitation in the next 30 days.

Description

Check Point VPN-1 SecureClient NG with Application Intelligence R56, NG FP1, 4.0, and 4.1 allows remote attackers to bypass security policies by modifying the local copy of the local.scv policy file after it has been downloaded from the VPN Endpoint.

Metrics

EPSS Probability
3.15%

86.3th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
CheckpointSecureclient NgAll versions
CheckpointSecureclient Ngr56
CheckpointVpn-1 Secureclient4.0
CheckpointVpn-1 Secureclient4.1

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2005-4093?
Check Point VPN-1 SecureClient NG with Application Intelligence R56, NG FP1, 4.0, and 4.1 allows remote attackers to bypass security policies by modifying the local copy of the local.scv policy file after it has been downloaded from the VPN Endpoint.
How severe is CVE-2005-4093?
Severity scoring for CVE-2005-4093 is pending analysis. The EPSS model estimates a 3.15% probability of exploitation in the next 30 days.
How do I fix CVE-2005-4093?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2005-4093?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST