Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Thin
Contributor

Do Check Point have IPS signature CVE-2020-3992?

Hello 

I have a question about CVE-2020-3992.

Due to the concern on my site, Will Check Point create a signature for this CVE?

 

Thank you

0 Kudos
5 Replies
ED
Advisor

They did mention the CVE in this article on October 26, 2020 so it's weird that they don't already have one yet. 

https://research.checkpoint.com/2020/26th-october-threat-intelligence-bulletin/ 

 

As always it's best to patch the vulnerable system itself

https://www.vmware.com/security/advisories/VMSA-2020-0023.html 

PhoneBoy
Admin
Admin

In general, we cannot create an IPS signature for every CVE.
Some CVEs are not exploitable over the network.
There may also not be sufficient details available to us to create a signature.
Not sure what the specific reason is in this case—I’ll check.

PhoneBoy
Admin
Admin

At this time there are no plans to release an IPS signature for this CVE.
If you really need it, I would request it via your local Check Point office.
However, a better approach would be to apply the relevant VMware patches/upgrades.

Thin
Contributor

Thank you, I have applied a workaround for this issue. It will be great if Check Point has a signature for the CVE.

0 Kudos
G_W_Albrecht
Legend
Legend

- If you apply the relevant VMware patches/upgrades, IPS will only have one job more if there is a new protection created for it, putting mote load on your GWs

- if you do not apply the relevant VMware patches/upgrades and instead wait for CP to add a protection to IPS you seem not to need much security at all

CCSE CCTE SMB Specialist
0 Kudos