Hello everyone !

Check Point has disclosed an actively exploited zero-day affecting Check Point Security Gateway VPN deployments. The vulnerability has been addressed through vendor-provided fixes and mitigations, and organizations are strongly advised to ensure affected systems are updated immediately. They should also review exposure to Remote Access VPN and Mobile Access deployments that remain relevant in active threat landscapes.

CVSS Score: 9.3
Impact: Authentication Bypass / Unauthorized Remote Access
Affected Component: Check Point Security Gateway, Remote Access VPN, Mobile Access, and Spark Firewall deployments

According to Check Point, the vulnerability is caused by improper authentication handling in affected VPN configurations, which could allow an unauthenticated remote attacker to bypass authentication and establish a remote access VPN connection. To patch this vulnerability, apply the latest Check Point hotfixes and mitigation guidance provided by the vendor.

• Apply the latest Check Point hotfixes for affected Security Gateway deployments.

• Review Remote Access VPN, Mobile Access, and Spark Firewall configurations for exposure.

• Disable or restrict affected VPN configurations where possible until the recommended fixes are applied.

• Ensure only trusted users and authorized access methods are allowed for remote VPN connectivity.