Support Center > Search Results > SecureKnowledge Details
Unauthorized VPN access to internal networks via IKEv2 tunnel (CVE-2019-8456)
Symptoms
  • In some less common conditions, Check Point IKEv2 IPsec VPN up to R80.30 may allow an attacker with knowledge of the internal configuration and setup to successfully connect to a site-to-site VPN server.
Solution

Important Notes: 

  • R77.x versions are not affected since they use a different code. 
  • The vulnerability is relevant to IKEv2 only.
  • The issue is relevant to Security Gateways only and has no effect on Security Management servers.

 

This problem was fixed. The fix is included in:

Check Point recommends to always upgrade to the most recent version.

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment