Support Center > Search Results > SecureKnowledge Details
Check Point response to CVE-2018-8897 & CVE-2018-1087
Symptoms
  • On May 8th, 2 CVEs were disclosed under the headline of “Debug Exception May Cause Unexpected Behavior”. These are:
    • CVE-2018-8897 (error in exception handling leads to DoS)
    • CVE-2018-1087 (KVM: error in exception handling leads to wrong debug stack value)
Solution

Check Point sees these as non-exploitable, taking our business logic and best practices into consideration.

CVE-2018-8897: Since code execution privileges on Check Point appliances is to be provided to administrators only, these privilege escalation attacks are of lower relevance to Check Point appliances.

CVE-2018-1087: Check Point TEX appliances or cloud service takes into account that the malware may get high privileges on the sandbox's operating system – so there is no actual exploitability here.

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment