Check Point versions lower than R80.40 are not vulnerable!
Check Point is vulnerable to OpenSSL CVE-2021-3449 in these cases only:
- Quantum Security Gateway R80.40 or R81, on the Gaia UI and only when there are no other portals enabled (such as VPN Remote Access clients, UserCheck, etc.).
- Quantum Security Management or Endpoint Management R80.40 or R81 (that should be accessible internally).
- HTTPS Inspection on R81 after enabling TLS 1.3.
This problem was fixed. The fix is included in: