Check Point Response to Tenable Advisory ID: TRA-2018-04 (Gaia OS Privilege Escalation)
Check Point had already discovered the issue internally before it was disclosed by Tenable, and a fix was put in place for our next major release.
The issue is considered of low priority since the vector is begun by an authenticated trusted user that is logged on locally to the Security Gateway or Security Management machine.
Following the report and the responsible disclosure, Check Point has worked to patch relevant versions.
- Check Point R77.30 - Released R77.30 Jumbo Hotfix Accumulator Take_309 - refer to sk106162
- Check Point R80.10 - Released R80.10 Jumbo Hotfix Accumulator Take_91 - refer to sk116380
- Scalable Platforms - Released R76SP.50 Jumbo Hotfix Accumulator Take_44 see sk117633
Check Point Timeline
17-Nov-2017 - Vulnerability report arrived
18-Nov-2017 - R&D analyzed the issues reported and prioritized as low priority
20-Nov-2017 - Check Point offered the researcher a private fix and that our ETA is a Jumbo HFA during Q1'2018.
22-Nov-2017 - One issue is fixed internally
05-Dec-2017 - Released (silently as the researcher hasn't yet published his findings) the first issue
07-Dec-2017 - Completed fixing the other two issues
26-Feb-2018 - Completed the release of all relevant Jumbo HFAs