Support Center > Search Results > SecureKnowledge Details
Check Point Response to Realtek SDK CVE-2022-27255 Technical Level
Symptoms
  • CVE-2022-27255 - In Realtek eCos RSDK 1.5.7p1 and MSDK 4.9.4p1, the SIP ALG function that rewrites SDP data has a stack-based buffer overflow. This allows an attacker to remotely execute code without authentication via a crafted SIP packet that contains malicious SDP data.
Solution

CVE-2022-27255 relates to Realtek SDK.

Check Point products are not vulnerable to this CVE because Realtek SDK is not used in Check Point code.

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment