Hi Thomas,
AFAIK, we haven't yet seen the actual exploitation, but that doesn't mean that it hasn't or won't happen. By the description of the bug, the vulnerability is while reading the ECDSA extensions. Therefore, disabling them shouldn't have an effect as we're trying to understand what to use and that's where the exploitation takes place.
How dangerous? It is not a breach, but rather a Denial of Service, and this would happen when the gateway reads a client or server certificate (e.g. HTTPS Inspection reaching a web site with a malicious certificate).
As this is a public vulnerability with published exploits, Check Point highly recommends installing security fixes that we release.
HTH,
Ethan