topic firewall vulnerability in Firewall and Security Management

firewall vulnerability

umar7 — Fri, 03 Feb 2023 02:47:03 GMT

Based on recent security review for vulnerability (CVE-2023-22809), the Firewall servers are impacted.

Kindly share the related steps or article for how to upgrade the SUDO version 1.8.19p2 to 1.9.12p2

Re: firewall vulnerability

PhoneBoy — Fri, 03 Feb 2023 06:33:56 GMT

sudo requires access to the expert mode shell, which is already root access.
Therefore, this vulnerability is not relevant.

Re: firewall vulnerability

_Val_ — Fri, 03 Feb 2023 09:37:17 GMT

Hi @umar7

Check Point is not exploitable to this CVE since to run the sudo or sudoedit command you need to be in Expert mode, which means that you are already admin and the privilege escalation is meaningless.

Also, users on Gaia are not configured to run the sudo command (not sudoers).
Gaia Embedded Appliances are also not vulnerable since they do not use sudo at all.

Mind, if you need an official written answer from Check Point (the one I am giving you is not, technically), open a TAC request.