Would also like to add that what makes this a bit hard due to the lack of information is how rare this issue could potentially be in the future now that it is known.
- Does this mean that an external attacker could send a specially crafted packet to the FW and make it happen, or trick a user to visit a link with a specific URL etc.
- Would this have been a high CVSS CVE if it was a security researcher that found out about it and not Check Point.
Without more clarification it leaves us all a bit in the dark. The issuing of a High Security Alert/SK do point to that this is potentially more serious than just another rare software bug. However according to the sk it could also happen during a policy installation so who knows..
Basically, what all customers want to know is: Is this serious enough that i should cancel my IT-Teams Christmas Holiday to patch all Firewalls with a currently not
reccommended Jumbo 🙂
CCSM / CCSE / CCVS / CCTE