This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
G_W_Albrecht
Legend Legend
Legend
‎2020-08-17 02:54 AM

Latest firmware builds for 77.20.xx SMB appliances

In sk165875: Check Point Response to CVE-2020-8597 (PPP buffer overflow vulnerability) we found the latest 77.20.xx firmware builds for SMB appliances - but now in response to DNSpooQ (CVE-2020-25686, CVE-2020-25684, CVE-2020-25685), CP TAC provided fixed versions also for older models (2021-02):

With sk176148: Check Point response to CVE-2021-26414 - "Windows DCOM Server Security Feature Bypass" customers using MS DC/AD received fixed firmware versions that are available from TAC only (01-Nov-2021):

  • R77.20.87 build 990173127 for 700/1400 appliances
  • R77.20.81 Build 990172625 for 1200R appliances
CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
67 Replies
G_W_Albrecht
Legend Legend
Legend
‎2022-10-18 12:57 AM

Added references to  sk176148

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Peter_Lyndley
Advisor
Advisor
‎2023-01-23 01:37 AM
In response to G_W_Albrecht

Can anyone confirm if we still need to contact TAC for 

  • R77.20.87 build 990173127 for 700 / 1400 appliances (contact Check Point Support to get it or whether the fixes related to DCOM etc are now included in the latest build(s) - there are still a lot of 1400s out there.
0 Kudos
_Val_
Admin
Admin
‎2023-01-23 01:47 AM
In response to Peter_Lyndley

1400 series reached Engineering support in October 2022. R77.20 HFA 11 firmware can be downloaded throughsk151574

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2023-01-23 02:28 AM
In response to Peter_Lyndley

YES.

Build 990173120 is the latest R77.20.87 Jumbo Hotfix Accumulator General Availability release that can be directly downloaded from this article: sk153433: Jumbo Hotfix Accumulator for R77.20.87

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Naftali_Oziel
Collaborator
‎2023-01-23 04:35 AM
In response to G_W_Albrecht

You can request custom build, based on TAC another GA will be released but unknown date? Running on B139 that provided many accumulative fixes including brute force vulnerability against SSL VPN, fix was ported from R81.   So if you are using VPN SSL which uses the SNX portal get the fix asap or disable using that feature.  

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2023-01-23 06:49 AM
In response to Naftali_Oziel

Good to know ! I still run fw1_sx_dep_R77_990173127_20.img but no SNX is enabled.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Naftali_Oziel
Collaborator
‎2023-01-23 04:41 AM
In response to Peter_Lyndley

Read my updates post below 

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2024-11-11 04:29 AM

Above Links have changed:

R77.20.80 Build 2507 is not available anymore - only R77.20 HFA 80 Build 990172392 firmware for 1200R Appliances https://support.checkpoint.com/results/sk/sk123294

And from https://support.checkpoint.com/results/sk/sk182357

Effective 29 May 2024: The R77.20.81 images were replaced with Build 990172628 (replacing Build 990172701) to protect against CVE-2024-24919. https://support.checkpoint.com/results/sk/sk151574#Downloads See sk182357.

Effective 29 May 2024: The R77.20.87 images were replaced with Build 990173160 (replacing Build 990173122) to protect against CVE-2024-24919. https://support.checkpoint.com/results/sk/sk151574#Downloads See sk182357.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    li.common.scroll-to.top