CVE-2023-28133: 
Check Point Harmony Endpoint vulnerability analysis and mitigation

A local privilege escalation vulnerability was discovered in Check Point Endpoint Security Client version E87.30 and lower versions. The vulnerability allows attackers to escalate privileges through a crafted OpenSSL configuration file. The vulnerability was assigned CVE-2023-28133 and was disclosed on July 23, 2023 (NVD).

The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (HIGH) with the following vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. This indicates that the vulnerability requires local access, low attack complexity, no privileges, and user interaction. The vulnerability is classified under CWE-732 (Incorrect Permission Assignment for Critical Resource) (NVD).

If successfully exploited, this vulnerability can lead to complete compromise of system confidentiality, integrity, and availability at the local level. The high CVSS score indicates that successful exploitation could result in significant impact to the affected system (NVD).

Check Point has addressed this vulnerability in newer versions of the Endpoint Security Client. Users are advised to upgrade from version E87.30 and lower versions to the latest available version (Check Point Advisory).