Unauthorized VPN access to internal networks via IKEv2 tunnel (CVE-2019-8456)
|Platform / Model
- In some less common conditions, Check Point IKEv2 IPsec VPN up to R80.30 may allow an attacker with knowledge of the internal configuration and setup to successfully connect to a site-to-site VPN server.
- R77.x versions are not affected since they use a different code.
- The vulnerability is relevant to IKEv2 only.
- The issue is relevant to Security Gateways only and has no effect on Security Management servers.
This problem was fixed. The fix is included in:
Check Point recommends to always upgrade to the most recent version.