topic Re: Are CP Products with 81.x and 82 safe from CVE-2025-26465 and CVE-2025-26466 in General Topics

Are CP Products with 81.x and 82 safe from CVE-2025-26465 and CVE-2025-26466

Blason_R — Fri, 21 Feb 2025 07:34:57 GMT

Hi Team,

According to the recent vulnerabilities disclosed by Qualys which are CVE-2025-26465/26466 curious to know if CP products are vulnerable and if any fix is released?

TIA

Blason R

Re: Are CP Products with 81.x and 82 safe from CVE-2025-26465 and CVE-2025-26466

Chris_Atkinson — Fri, 21 Feb 2025 09:25:03 GMT

Please raise this with TAC otherwise monitor these repositories:

https://support.checkpoint.com/security-advisories

https://support.checkpoint.com/results/sk/sk65269

Re: Are CP Products with 81.x and 82 safe from CVE-2025-26465 and CVE-2025-26466

the_rock — Fri, 21 Feb 2025 13:15:27 GMT

I agree with Chris, best to open TAC case. Ironically enough, when I check those CVEs on support site, all I get is your post lol

And FWIW, see what AI Copilot says:

I'm sorry, but I don't have the information on that topic. For the most accurate and up-to-date information regarding vulnerabilities and their impact on Check Point products, I recommend referring to the official Check Point support site or contacting Check Point Support directly. You can visit the support site at Check Point Support.

Learn more:

Re: Are CP Products with 81.x and 82 safe from CVE-2025-26465 and CVE-2025-26466

G_W_Albrecht — Fri, 21 Feb 2025 13:45:25 GMT

If we look at the SSH version in R81.x/R82, we learn that only CVE-2025-26465 is present according to the Qualis version list.

Re: Are CP Products with 81.x and 82 safe from CVE-2025-26465 and CVE-2025-26466

PhoneBoy — Fri, 21 Feb 2025 21:57:17 GMT

For an official response, please check with TAC.
Unofficially, I don't believe these CVEs to be major issues:

CVE-2025-26465 is an ssh client vulnerability that requires an option to be explicitly set in the ssh_config file that isn't set by default. The only way to exploit this is from expert mode, which should only be given to trusted users.
CVE-2025-26466 appears to be related to a version of OpenSSH we currently don't use.

Re: Are CP Products with 81.x and 82 safe from CVE-2025-26465 and CVE-2025-26466

genisis__ — Sat, 22 Feb 2025 14:47:32 GMT

Note if this is related to what I queried, but I do have a TAC case related to OpenSSH vulnerability; currently waiting on a response from TAC. I know when Tenable scanned the appliances it rated the OpenSSH as medium level vulnerability.

Re: Are CP Products with 81.x and 82 safe from CVE-2025-26465 and CVE-2025-26466

the_rock — Sat, 22 Feb 2025 17:16:07 GMT

Please keep us posted what they say. I had customer ask me about it yesterday, but I told him there is community post on the subject, so did not bother opening a TAC case.

Andy

Re: Are CP Products with 81.x and 82 safe from CVE-2025-26465 and CVE-2025-26466

Blason_R — Sat, 22 Feb 2025 17:25:18 GMT

The severity of the vulnerabilities is not classified as medium or high if they are identified by any organization regulated by authorities, which must either address the issues through patching or provide justification for their existence.

Re: Are CP Products with 81.x and 82 safe from CVE-2025-26465 and CVE-2025-26466

the_rock — Sat, 22 Feb 2025 17:28:38 GMT

You got that 100% right @Blason_R

Re: Are CP Products with 81.x and 82 safe from CVE-2025-26465 and CVE-2025-26466

genisis__ — Sat, 22 Feb 2025 17:58:03 GMT

Will do, I'm hoping they will say that OpenSSH will be updated in the next Jumbo.

Re: Are CP Products with 81.x and 82 safe from CVE-2025-26465 and CVE-2025-26466

the_rock — Sat, 22 Feb 2025 18:00:31 GMT

Latest one is 98, so lets see.

Andy