Check Point response to FireEye red team tools leak
Symptoms
Solution
Check Point covers all vulnerabilities reported by FireEye with the following Threat Prevention protections:


Vulnerability IPS Threat Emulation
Pulse Connect Secure File Disclosure (CVE-2019-11510) +
Microsoft Netlogon Elevation of Privilege (CVE-2020-1472) +
Fortinet FortiOS SSL VPN Directory Traversal (CVE-2018-13379) +
Adobe ColdFusion Remote Code Execution (CVE-2018-15961) +
Microsoft SharePoint Remote Code Execution (CVE-2019-0604) +
Microsoft Remote Desktop Services Remote Code Execution (CVE-2019-0708) +
Atlassian Crowd Remote Code Execution (CVE-2019-11580) +
Citrix Multiple Products Directory Traversal (CVE-2019-19781) +
Zoho ManageEngine Remote Code Execution (CVE-2020-10189) +
Microsoft Group Policy Preferences Password Elevation of Privilege (MS14-025: CVE-2014-1812) +
Atlassian Confluence Directory Traversal (CVE-2019-3398) +
Microsoft Exchange Server Remote Code Execution (CVE-2020-0688) +
Microsoft Outlook Security Feature Bypass (CVE-2017-11774) +
Microsoft Exchange Server Privilege Escalation (CVE-2018-8581) +
Zoho ManageEngine SDP Arbitrary File Upload (CVE-2019-8394) +
Microsoft Windows Privilege Escalation (CVE-2016-0167) +


Additional information has been published on several attack tools. These are the relevant protections: 
  • Threat Emulation - HackTool.Wins.FE_RT.A, Trojan.Wins.Generic.F
  • Anti-Bot - Backdoor.Win32.Beacon.A, Backdoor.Win32.Beacon.B, Backdoor.Win32.Beacon.C, Backdoor.Win32.Beacon.D, Backdoor.Win32.Beacon.E, Backdoor.Win32.Beacon.F, Backdoor.Win32.Beacon.G, Backdoor.Win32.Beacon.H, Trojan.Win32.Rubeus.C, Trojan.Win32.Rubeus.D
  • Anti-Virus - Trojan.Win32.FireEyeHack.TC
