Check Point Response to BMC Vulnerability (Pantsdown, CVE-2019-6260)
Access to BMC memory is possible without authentication via the Advanced High-Performance Bus (AHB).
There is no added risk to Check Point appliances: exploiting this vulnerability requires code execution on the Check Point host, and code execution privileges are to be provided to trusted administrators only.
Exploiting this vulnerability over the network is not possible, because the BMC console UART is not used in Check Point appliances.
A fix is integrated into released LOM firmware 2.43n (specific Smart-1 devices) and 3.35g (5000/15000/23000 devices). It is available for download in sk88064.
This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.