Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Support_Team_Bi
Contributor

IPS Update : CVE-2020-0969

Jump to solution

Hello

Would you please let me know if there are any updates on IPS with CVE-2020-0969?

Please let me know.

 

Thank you

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
Generally speaking, there has to be an "in the wild" exploit and/or get enough details from the vendor to craft an IPS signature.
There was a signature release yesterday that covered several "patch Tuesday" CVEs, including some similar ones (but different CVE number).

View solution in original post

0 Kudos
4 Replies
PhoneBoy
Admin
Admin
Generally speaking, there has to be an "in the wild" exploit and/or get enough details from the vendor to craft an IPS signature.
There was a signature release yesterday that covered several "patch Tuesday" CVEs, including some similar ones (but different CVE number).

View solution in original post

0 Kudos
Support_Team_Bi
Contributor

I have one more question.
- Does Check Point have a plan to lunch the signature of CVE-2020-0969? When?

- Regarding covered several "patch Tuesday" CVEs, including some similar ones (but different CVE number), which CVE number was released?

Thank you

 

0 Kudos
PhoneBoy
Admin
Admin
You can see the list of CVEs we recently fixed here: https://www.checkpoint.com/advisories/
The one I was referring to: https://www.checkpoint.com/defense/advisories/public/2020/cpai-2020-0196.html
Which has a very similar description to the one you're asking about.
I'll have to check on the precise one you're asking about.
0 Kudos
PhoneBoy
Admin
Admin
As I suspected, we currently do not have enough details on CVE-2020-0969 to create a signature.
More specifically, this Microsoft browser exploit has a low probabilty for an exploit and there isn't enough technical details nor is there a proof of concept available.
Obviously if this changes, we can re-evaluate this.