Illumant has discovered a critical vulnerability in Check Point’s ZoneAlarm anti-virus software. This vulnerability allows a low-privileged user to escalate privileges to SYSTEM-level with the anti-virus software enabled. The vulnerability is due to insecure implementation of inter-process communications within the ZoneAlarm application itself, which allows a low-privilege user to inject and execute code by hijacking the insecure communications with a vulnerable .NET service.

https://www.illumant.com/blog/2019/01/16/check-point-anti-virus-technical-white-paper/