CVE-2023-28134: 
Check Point Harmony Endpoint vulnerability analysis and mitigation

CVE-2023-28134 is a local privilege escalation vulnerability affecting Check Point Harmony Endpoint and ZoneAlarm Extreme Security. The vulnerability was discovered and reported in March 2023, requiring an attacker to first obtain the ability to execute low-privileged code on the target system to exploit it (NVD, CVE).

The specific vulnerability exists within the Remediation Service of the affected products. The flaw allows attackers to abuse the service to change the DACL on a folder by creating a symbolic link. The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (High), with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, indicating local access requirements with high impact potential (ZDI).

When successfully exploited, this vulnerability allows attackers to escalate privileges and execute arbitrary code in the context of SYSTEM, effectively gaining complete control over the affected system (ZDI).

Check Point has released security updates to address this vulnerability. The fix is included in Enterprise Endpoint Security E87.10 Windows Clients and newer versions (Checkpoint Advisory).