Support Center > Alerts > SecureKnowledge Details
Check Point response to CVE-2015-3456 (VENOM)
Symptoms
  • A vulnerability in the virtual floppy drive code was discovered (CVE-2015-3456).
Solution

The relevant fix for Threat Emulation gateway is already available and has been integrated in Threat Emulation engine version 24.990000010 (refer to sk95235).
Any Threat Emulation engine version that is lower than 24.990000010 is vulnerable to CVE-2015-3456.

Offline update packages are already available in sk92509 - Offline updates for Threat Emulation images and engine.

Automatic gradual update to all Threat Emulation customers will be released during the week of May 17-22, 2015. All customers with active Threat Emulation online updates (by default, online updates are enabled) will get it in this time frame.

 

Check the current version of Instructions
Threat Emulation Engine Update
  1. Connect to command line on Threat Emulation Gateway.

  2. Check the current version:

    • Either log in to Clish and run this command:

      HostName> tecli advanced engine version
    • Or log in to Expert mode and run either one of these commands:

      • [Expert@HostName:0]# tecli advanced engine version
      • [Expert@HostName:0]# cat $FWDIR/teCurrentPack/te_ver.ini
Threat Emulation Image
  1. Connect to command line on Threat Emulation Gateway.

  2. Log in to Expert mode.

  3. Check the current version:

    [Expert@HostName]# tecli show downloads images

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment