Check Point Response to CVE-2021-36299, CVE-2021-36300, CVE-2021-36301, CVE-2021-20235 - Dell iDRAC9 Vulnerabilities
Cause CVE-2021-36299 - An SQL injection vulnerability. A remote authenticated malicious user with low privileges may potentially exploit this vulnerability to cause information disclosure or denial of service by supplying specially crafted input data to the affected application. CVE-2021-36300 -...
Mobile Access Portal Agent before Build 800007042 runs Arbitrary Applications
Cause Mobile Access Portal Agent runs predefined Native Applications. If an administrator configured such an application with environment variables in the path, Portal Agent may run an arbitrary application that was placed in a specially created location. Symptoms - When environment variables are used ...
Check Point Response to Apache Log4j Remote Code Execution
Solution On December 10, 2021, a proof of concept of a vulnerability in the Apache Log4j Java library CVE-2021-44228 was published. The vulnerability may allow unauthenticated threat actors to obtain remote code execution. The severity of the vulnerability was deemed critical. The Check Point...
Check Point Response to CVE-2021-30359 - Harmony Browse installer or SandBlast Agent for Browsers installer can be used for privileges escalation
Cause The Harmony Browse and the SandBlast Agent for Browsers installers must have admin privileges to execute some steps during the installation. Because the MS Installer lets regular users repair their installation, an attacker running the old version of the installer can start the installati...
Check Point Response to CVE-2021-21538 - Dell iDRAC9 improper authentication vulnerability
Symptoms - Dell published CVE-2021-21538 for iDRAC9 versions 4.40.00.00 and later, but lower than 4.40.10.00 - A remote unauthenticated attacker could potentially exploit this authentication vulnerability to gain access to the virtual console Solution Important Note: If you have not enabled iDRAC...
Check Point response to Media Encryption EPM Explorer lockout bypass (CVE-2013-5635 and CVE-2013-5636)
...
Check Point Response to CVE-2021-30357 - partial information disclosure in SNX client for Linux before build 800008302
Cause SNX can accept files with connection commands. If such a file contains wrong commands, SNX prints the line with the unrecognized command. Since SNX runs as ROOT, an attacker can supply any file on the system and get one line of its content. If the file contains sensitive information, the attack...
Check Point Response to CVE-2020-28041 - NAT Slipstreaming
Cause The attack involves several vectors - Local IP disclosure, max MTU UDP and TCP calculation and leveraging a SIP parser weakness in fragmented HTTP packets, which makes it possible to "Slipstream" a legitimate SIP connection in an HTTP POST request generated by the victim's browser. The full descriptio...
Check Point Response to CVE-2021-36347, CVE-2021-36348, CVE-2021-36346, CVE-2021-3712 - Dell iDRAC8 / iDRAC9 vulnerabilities
Cause See Dell's DSA-2021-259: Dell EMC iDRAC Security Update for Multiple Security Vulnerabilities. CVE-2021-36347 CVE-2021-36348 CVE-2021-36346 CVE-2021-3712 Symptoms - Dell published CVE-2021-36347 for iDRAC8 versions before 2.82.82.82 and iDRAC9 versions before 5.00.20.00 - Dell published...
Check Point Response to CVE-2019-8456 - unauthorized VPN access to internal networks via IKEv2 tunnel
Symptoms - In some less common conditions, Check Point IKEv2 IPsec VPN up to R80.30 may allow an attacker with knowledge of the internal configuration and setup to successfully connect to a site-to-site VPN server. Solution Important Notes: R77.x versions are not affected because they use a...
Check Point response to OSPF LSA spoofing vulnerability (CVE-2013-0149, CVE-2013-7311)
...
Check Point Response to Spring Vulnerabilities CVE-2022-22963, CVE-2022-22946, CVE-2022-22947, CVE-2022-22965 (Spring4Shell), CVE-2022-22950
Solution On March 29, 2022, new CVEs were published on Spring Cloud: CVE-2022-22963, CVE-2022-22946, CVE-2022-22947, and CVE-2022-22950. On March 31, 2022, a bypass to the fix for CVE-2010-1622 was published by Praetorian, and received the nickname "Spring4Shell" see Spring Core on JDK9+ is...
Check Point response to CVE-2022-0778
Symptoms Dell published CVE-2022-0778 for: iDRAC8 versions before 2.83.83.83 iDRAC9 versions before 5.10.30.00 Cause Refer to DSA-2022-154: Dell iDRAC8 and Dell iDRAC9 Security Update for an OpenSSL Vulnerability. Solution Important Note: If you have not enabled iDRAC as described in sk122914, th...
ICS Scan Results Forgery Vulnerability (CVE-2007-0471)
...
SecureClient NGX R60 HFA 02 Supplement 2 protects against Auto Local Logon vulnerability (CVE-2008-0662)
...
Check Point response to Connectra Login XSS (CVE-2008-5994)
...
VPN-1 UTM Edge cross-site request forgery vulnerability (CVE-2007-3489)
...
Check Point Response to CVE-2021-4034 - local privilege escalation in polkit's pkexec
Symptoms - A Local Privilege Escalation from any user to root was discovered in polkit's pkexec, a SUID-root program that is installed by default on every major Linux distribution. The vulnerability allows unprivileged users to run commands as privileged users according to predefined policies. Fo...
Check Point Response to CVE-2022-21449 - Java "Psychic Signatures"
Symptoms - On April 20, 2022, security researcher Neil Madden published a blog post in which he provided details about a newly disclosed vulnerability in Java, CVE-2022-21449 or "Psychic Signatures". This security vulnerability originates in an incorrect implementation of the ECDSA signature...
Check Point Response to CVE-2021-30361 - Gaia Portal Authenticated Command Injection
Symptoms - The "Security Management GUI Clients" feature in Check Point Gaia Portal allows authenticated administrators with permission for the GUI Clients settings to inject a CLI command that can run on the Gaia OS. This issue was discovered and responsibly disclosed by Christophe Schleypen of...
Check Point Response to CVE-2022-0778 - possible infinite loop when parsing ECDSA certificates/keys in OpenSSL
Symptoms - A vulnerability was found in OpenSSL, making it possible to trigger an infinite loop by crafting a certificate with invalid explicit curve parameters. Because certificate parsing occurs before verification of the certificate signature, a process that parses an externally supplied...
Check Point Response to Ripple20 Vulnerabilities
Symptoms - On June 16, 2020, CERT published vulnerabilities in the Treck IP Stack with the following CVEs: CVE-2020-11896, CVE-2020-11897, CVE-2020-11898, CVE-2020-11899, CVE-2020-11900, CVE-2020-11901, CVE-2020-11902, CVE-2020-11903, CVE-2020-11904, CVE-2020-11905, CVE-2020-11906, CVE-2020-11907...
Check Point response to OpenSSH vulnerabilities: CVE-2006-5051 and CVE-2006-4924
...
OpenSSH vulnerabilities: CVE-2006-5051 and CVE-2006-4924
...
CVE-2026-48131 - VPND IKE Fragment Reassembly - Heap Out-of-Bounds Write via Sequence Number Zero
Symptoms - The VPN service may mishandle an unexpected IKE fragment value received on the IKE port 500/UDP during the early stage of a connection attempt. This can cause the service to terminate unexpectedly, resulting in denial of service (temporary disruption of VPN-related functionality). - The...
Check Point Response to Apache HTTP Server CVE-2011-3192 Denial Of Service Vulnerability
...
Check Point Response to CVE-2022-24422 - Dell iDRAC9 Security Update for an Improper Authentication Vulnerability
Cause Refer to Dell's DSA-2022-068: Dell iDRAC9 Security Update for an Improper Authentication Vulnerability. Symptoms - Dell published CVE-2022-24422 for iDRAC9 versions 5.00.00.00 and higher but lower than 5.10.10.00. These versions contain an improper authentication vulnerability. A remote...
Check Point response to CVE-2021-43267
Symptoms A flaw was discovered in the cryptographic receive code in the Linux kernel's implementation of transparent inter-process communication. An attacker, with the ability to send TIPC messages to the target, can cause memory corruption and escalate privileges on the target system. Cause This...
Check Point response to OpenSSL vulnerability (CVE-2014-0160)
...
Check Point Response to CVE-2019-11477, CVE-2019-11478, CVE-2019-11479 - TCP SACK PANIC Linux Kernel vulnerabilities
Cause CVE-2019-11477: The Linux kernel is vulnerable to an integer overflow in the 16-bit width of TCP_SKB_CB(skb)->tcp_gso_segs. A remote attacker could exploit this to crash the system and create a Denial Of Service. CVE-2019-11478: The Linux kernel is vulnerable to a flaw that allows attackers to se...
Check Point response to NTP vulnerabilities (CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296)
...
Check Point response to CVE-2004-0230
...
Check Point Response to CVE-2008-5161 - OpenSSH CBC mode information disclosure vulnerability
Cause This weakness could allow an attacker who is able to inject arbitrary data into an SSH session to recover up to 32 bits (4 bytes) of data by causing an error condition. This attack method causes the SSH session to terminate and therefore cannot be used to obtain arbitrary amounts of data from...
Check Point Response to CVE-2020-0601 - CryptoAPI Spoofing Vulnerability
Symptoms - On January 14, 2020, Microsoft published the following: A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates. An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a...
Check Point Response to CVE-2015-0235 (glibc - GHOST)
...
Check Point Response to CVE-2016-0777 and CVE-2016-0778 - OpenSSH Client vulnerabilities
Symptoms - Qualys Security team discovered two vulnerabilities in the roaming code of the OpenSSH client (CVE-2016-0777 and CVE-2016-0778): SSH roaming enables a client, in case an SSH connection breaks unexpectedly, to resume it at a later time, provided the SSH server also supports it. Solution T...
Check Point Response to CVE-2014-6271 and CVE-2014-7169 Bash Code Injection vulnerability
...
Check Point response to CVE-2009-1227 (Bugtraq ID: 34286)
...
Check Point Response to CVE-2020-10713 - GRUB2 bootloader is vulnerable to buffer overflow
Symptoms - CVE-2020-10713 states: "The GRUB2 boot loader is vulnerable to buffer overflow, which results in arbitrary code execution during the boot process, even when Secure Boot is enabled." For more information, refer to https://www.kb.cert.org/vuls/id/174059. Solution Gaia OS versions R81.10...
Check Point Response to Wi-Fi FragAttacks in Quantum Spark appliances
Cause Several CVEs were published on Wi-Fi devices under the name FragAttacks. More information about them can be found at: https://www.fragattacks.com/ The list of new CVEs related to wireless security flaws with fragmented and aggregated frames is relevant to Check Point Quantum Spark wireless...
Check Point Response to CVE-2020-8597 - PPP buffer overflow vulnerability
Cause The bounds check for the rhostname was improperly constructed in the EAP request and response functions, which could allow a buffer overflow to occur. Configuring to connect to a malicious server can expose the system to this vulnerability. Symptoms - A buffer overflow flaw was found in the...
UTM-1 Edge W Embedded NGX 7.0.48x reflected XSS vulnerability (low severity) (CVE-2008-1208)
...
Check Point Response to CVE-2021-3449 - OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message
Symptoms - OpenSSL published CVE-2021-3449 for versions OpenSSL 1.1.1. - This issue can cause a corresponding process to stop working in Gaia OS. Solution Check Point versions R80.30 and lower are not vulnerable! Check Point is vulnerable to OpenSSL CVE-2021-3449 only in these cases: Quantum...
SSL/TLS MITM vulnerability (CVE-2014-0224)
...
Check Point response to CVE-2012-4929, CVE-2012-4930 aka CRIME attack
...
CVE-2022-23745 - Memory corruption issue in Capsule Workspace on Android mobile devices
Symptoms A potential memory corruption issue was found in Capsule Workspace Android app running on GrapheneOS. This could result in application crashing but could not be used to gather any sensitive information. This issue was discovered and responsibly disclosed by Gabe Flawedworld and received ...
Check Point Response to Intel Microarchitectural Data Sampling Vulnerabilities (Fallout, RIDL, Zombieload) (CVE-2018-12126 , CVE-2018-12127, CVE-2018-12130, CVE-2019-11091)
Symptoms - Researchers have released information about several vulnerabilities in Intel processors: Under certain conditions, data in microarchitectural structures that the currently-running software does not have permission to access may be speculatively accessed by faulting or assisting load or...
Check Point response to Apple CVE-2014-1266
...
Check Point response to CVE-2011-3389 aka BEAST attack
...
Check Point response to Sockstress TCP DoS attacks (CVE-2008-4609)
...