https://community.checkpoint.com/t5/General-Topics/CVE-2022-3602-amp-CVE-2022-3786-in-relation-to-Check-Point/m-p/160980#M26909 <P>Here is a quote from the related <A href="https://blog.checkpoint.com/2022/10/30/openssl-gives-heads-up-to-critical-vulnerability-disclosure-check-point-alerts-organizations-to-prepare-now/" target="_self">Check Point Blog article</A>: "<SPAN>Check Point Researchers are keeping a close watch on this story and we will report back as development becomes available"<BR /><BR />Also, look <A href="https://blog.checkpoint.com/2022/11/01/openssl-vulnerability-cve-2022-3602-remote-code-execution-and-cve-2022-3786-denial-of-service-check-point-research-update/" target="_self">here</A>:</SPAN></P> <H2><EM>What can I do until further details are revealed?</EM></H2> <P><EM>In the meantime, organizations should stay alert and utilize security’s best practices, including patching and updating all systems to the latest operating system, and getting ready to update IPS once they become available.</EM><BR /><EM><STRONG>Customer Guidance for reported security update OpenSSL 3.0.0 to 3.0.6 versions</STRONG>&nbsp;is available&nbsp;<A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk180206" target="_blank">here</A></EM><BR /><EM>At any given moment, if you feel you’ve been breached or under attack contact our&nbsp;<A href="https://www.checkpoint.com/support-services/threatcloud-incident-response/" target="_blank">Emergency Response Hotline</A></EM><BR /><EM>In addition our worldwide Technical Assistance Centers are&nbsp;<A href="https://www.checkpoint.com/support-services/contact-support/" target="_blank">available</A>&nbsp;to assist you 24 x 7.</EM></P> <P><SPAN>My understanding is, it is still in the works. Actual exploitation tools are required to produce IPS signatures, and none are known at this point.</SPAN></P> Wed, 02 Nov 2022 07:41:31 GMT _Val_ 2022-11-02T07:41:31Z https://community.checkpoint.com/t5/General-Topics/CVE-2022-3602-amp-CVE-2022-3786-in-relation-to-Check-Point/m-p/160942#M26896 <P>On Tuesday, 1 November 2022, the OpenSSL project team released OpenSSL 3.0.7 update as a security-fix release (<A href="https://www.openssl.org/news/secadv/20221101.txt" target="_blank" rel="noopener">OpenSSL Advisory</A>).</P> <P>This release includes 2 HIGH severity vulnerabilities and was assigned to<SPAN>&nbsp;</SPAN><STRONG>CVE-2022-3602<SPAN>&nbsp;</SPAN></STRONG>(Reduced from Critical)<STRONG><SPAN>&nbsp;</SPAN>&amp; CVE-2022-3786</STRONG>. These buffer overflow vulnerabilities in the Certificate could result in a denial of service or potentially remote code execution on affected versions.</P> <P>The update affects only OpenSSL versions 3.0.0 through 3.0.6. (Version 3.0 was first released in September 2021). OpenSSL version 1.x is not affected by this vulnerability, therefore older operating systems and devices are safe.</P> <P>Just to clarify, Check Point is using&nbsp;<SPAN>OpenSSL 1.1.1 release and therefore is not vulnerable.<BR /><BR />For more information, please refer to&nbsp;<A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk180206" target="_self">sk180206</A> and&nbsp;<A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk92447" target="_self">sk92447</A></SPAN></P> Tue, 01 Nov 2022 19:09:04 GMT https://community.checkpoint.com/t5/General-Topics/CVE-2022-3602-amp-CVE-2022-3786-in-relation-to-Check-Point/m-p/160942#M26896 _Val_ 2022-11-01T19:09:04Z https://community.checkpoint.com/t5/General-Topics/CVE-2022-3602-amp-CVE-2022-3786-in-relation-to-Check-Point/m-p/160951#M26901 <P>Any word on an IPS protection to catch malicious certificates trying to exploit these on other systems?</P> Tue, 01 Nov 2022 19:48:07 GMT https://community.checkpoint.com/t5/General-Topics/CVE-2022-3602-amp-CVE-2022-3786-in-relation-to-Check-Point/m-p/160951#M26901 Bob_Zimmerman 2022-11-01T19:48:07Z https://community.checkpoint.com/t5/General-Topics/CVE-2022-3602-amp-CVE-2022-3786-in-relation-to-Check-Point/m-p/160980#M26909 <P>Here is a quote from the related <A href="https://blog.checkpoint.com/2022/10/30/openssl-gives-heads-up-to-critical-vulnerability-disclosure-check-point-alerts-organizations-to-prepare-now/" target="_self">Check Point Blog article</A>: "<SPAN>Check Point Researchers are keeping a close watch on this story and we will report back as development becomes available"<BR /><BR />Also, look <A href="https://blog.checkpoint.com/2022/11/01/openssl-vulnerability-cve-2022-3602-remote-code-execution-and-cve-2022-3786-denial-of-service-check-point-research-update/" target="_self">here</A>:</SPAN></P> <H2><EM>What can I do until further details are revealed?</EM></H2> <P><EM>In the meantime, organizations should stay alert and utilize security’s best practices, including patching and updating all systems to the latest operating system, and getting ready to update IPS once they become available.</EM><BR /><EM><STRONG>Customer Guidance for reported security update OpenSSL 3.0.0 to 3.0.6 versions</STRONG>&nbsp;is available&nbsp;<A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk180206" target="_blank">here</A></EM><BR /><EM>At any given moment, if you feel you’ve been breached or under attack contact our&nbsp;<A href="https://www.checkpoint.com/support-services/threatcloud-incident-response/" target="_blank">Emergency Response Hotline</A></EM><BR /><EM>In addition our worldwide Technical Assistance Centers are&nbsp;<A href="https://www.checkpoint.com/support-services/contact-support/" target="_blank">available</A>&nbsp;to assist you 24 x 7.</EM></P> <P><SPAN>My understanding is, it is still in the works. Actual exploitation tools are required to produce IPS signatures, and none are known at this point.</SPAN></P> Wed, 02 Nov 2022 07:41:31 GMT https://community.checkpoint.com/t5/General-Topics/CVE-2022-3602-amp-CVE-2022-3786-in-relation-to-Check-Point/m-p/160980#M26909 _Val_ 2022-11-02T07:41:31Z https://community.checkpoint.com/t5/General-Topics/CVE-2022-3602-amp-CVE-2022-3786-in-relation-to-Check-Point/m-p/161280#M26966 <P>IPS update was released yesterday. It's described in&nbsp;<SPAN>sk180206, and the protection name is&nbsp;<A href="https://advisories.checkpoint.com/defense/advisories/public/2022/cpai-2022-0784.html" target="_self">OpenSSL Buffer Overflow (CVE-2022-3602; CVE-2022-3786).</A><BR /></SPAN></P> Fri, 04 Nov 2022 18:15:26 GMT https://community.checkpoint.com/t5/General-Topics/CVE-2022-3602-amp-CVE-2022-3786-in-relation-to-Check-Point/m-p/161280#M26966 Bob_Zimmerman 2022-11-04T18:15:26Z