Check Point SmartConsole Untrusted DLL Loading Vulnerability Allowing Arbitrary Code Execution

Vulnerability

A DLL hijacking vulnerability has been identified in Check Point SmartConsole versions R81.10 and R81.20. The installer can load and execute untrusted DLLs from its own directory, potentially leading to arbitrary code execution with administrative privileges. The cause is that the installer relies on the default Windows DLL search order, which includes the current working directory. When a required DLL is missing, or is not loaded from a secure path, the search can resolve to an untrusted copy instead.

Impact

Exploitation of this vulnerability could result in arbitrary code execution with the privileges of the SmartConsole installer, which are administrative.

Remediation

This vulnerability has been fixed in SmartConsole for R82. Users are advised to upgrade to the recommended version. If a SmartConsole client is connected to the Internet, it will automatically suggest installing the most recent recommended build.
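
A pre-install check for the condition described under Vulnerability, as an added example that is not Check Point's code or part of the original advisory: it lists every DLL sitting beside an installer, flags names that also exist in System32, and reports each file's Authenticode status. The function name Test-InstallerDirectory and the path in the usage comment are assumptions.

```powershell
# Added example: audit the folder an installer will run from before launching it.
# Test-InstallerDirectory is a hypothetical helper name, not a Check Point tool.
function Test-InstallerDirectory {
    [CmdletBinding()]
    param(
        # Full path to the installer executable (assumed: wherever it was saved)
        [Parameter(Mandatory)]
        [string]$InstallerPath
    )

    $installer = Get-Item -LiteralPath $InstallerPath -ErrorAction Stop
    $dir       = $installer.DirectoryName

    # Names of DLLs that ship in System32. A same-named file beside the
    # installer is found first when the installer's directory is searched.
    $system32    = Join-Path $env:SystemRoot 'System32'
    $systemNames = [System.Collections.Generic.HashSet[string]]::new(
        [System.StringComparer]::OrdinalIgnoreCase)
    Get-ChildItem -LiteralPath $system32 -Filter '*.dll' -File -ErrorAction SilentlyContinue |
        ForEach-Object { [void]$systemNames.Add($_.Name) }

    # Every DLL in the installer's own directory is a candidate for being loaded.
    Get-ChildItem -LiteralPath $dir -Filter '*.dll' -File | ForEach-Object {
        $sig = Get-AuthenticodeSignature -LiteralPath $_.FullName
        [pscustomobject]@{
            Name            = $_.Name
            ShadowsSystem32 = $systemNames.Contains($_.Name)
            SignatureStatus = $sig.Status   # Valid, NotSigned, HashMismatch, ...
            Signer          = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
            LastWriteTime   = $_.LastWriteTime
        }
    }
}

# Usage (the path is a placeholder; substitute the real installer location):
# Test-InstallerDirectory -InstallerPath "$env:USERPROFILE\Downloads\<installer>.exe" |
#     Where-Object { $_.ShadowsSystem32 -or $_.SignatureStatus -ne 'Valid' }
```

An empty result means no DLLs share the installer's directory; running installers from a dedicated, empty, non-shared folder keeps it that way.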

Added: Jun 19, 2025, 2:18 PM
Updated: Jun 19, 2025, 2:18 PM

Vulnerability Rating

Custom Algorithm

spread: 5.4
impact: 10.0
exploitability: 3.0
remediation: 7.7
relevance: 0.2
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.