CVE-2026-48133 Identity Awareness Captive Portal - Unauthenticated Local File Inclusion

Symptoms - When the Identity Awareness blade is enabled with Browser-Based Authentication, an unauthenticated user may be able to read certain internal files on the Security Gateway. - This issue affects: R82.10 with Jumbo Hotfix Take 6 or below R82 with Jumbo Hotfix Take 91 or below R81.20 with...

CVE-2026-48134 - SQL injection issue in UserCheck Portal when DLP is active

Symptoms - When the DLP is active, the UserCheck Web Portal contains an input-handling issue in the UserChoice flow. Under specific conditions, an attacker who can access the UserCheck Ask page could attempt to manipulate the Security Gateway's stored DLP/UserCheck incident information. This coul...

CVE-2026-48132 - VPN service may restart unexpectedly when processing IKE traffic over NAT-T 4500/UDP

Symptoms - The Security Gateway does not correctly validate a length value in certain IKE packets when NAT-T is used 4500/UDP. As a result, a specially crafted or malformed packet can cause the VPN processing service to terminate unexpectedly, leading to denial of service temporary interruption o...

Check Point Response to CVE-2024-24914 - TCL substitution of global parameter values

Symptoms - After logging in to Gaia Portal, authenticated users local Gaia users and RADIUS / TACACS users may cause code injection in Gaia Portal because of unprotected global variables usage when processing the HTTP request in the TCL process. This issue received the ID CVE-2024-24914. Solution...

Preventative Hotfix for CVE-2024-24919 - Quantum Gateway Information Disclosure

Solution This article refers to Quantum Security Gateways running Gaia OS and CloudGuard Network Security. For Quantum Spark Gateways that run a Gaia Embedded OS, see sk182357. Following our security update on May 27, 2024, Check Point's dedicated task force continues investigating attempts to ga...

Check Point Response to CVE-2023-28130 - Hostname command injection in Gaia Portal

Symptoms - Local user may lead to privilege escalation using Gaia Portal "Hosts and DNS" page. This issue received the ID CVE-2023-28130. Solution This problem was fixed. The fix adds more validations on user input and is included starting from: Check Point R82 Jumbo Hotfix Accumulator for R81.20...

Detection issue of malicious URLs in Anti-Bot / Anti-Virus after installing Take 143 of R77.30 Jumbo Hotfix Accumulator

...