Support Center > Search Results > SecureKnowledge Details
Check Point response to OpenSSL CVE-2022-3602 and CVE-2022-3786 Technical Level
  • On Tuesday, 1 November 2022, the OpenSSL project team released OpenSSL 3.0.7 update as a security-fix release (OpenSSL Advisory).

    This release includes 2 HIGH severity vulnerabilities and was assigned to CVE-2022-3602 (Reduced from Critical) and CVE-2022-3786. These buffer overflow vulnerabilities in the Certificate could result in a denial of service or potentially remote code execution on affected versions.

    The update affects only OpenSSL versions 3.0.0 through 3.0.6. (Version 3.0 was first released in September 2021). OpenSSL version 1.x is not affected by this vulnerability, therefore older operating systems and devices are safe.

  • Check Point Products are not affected except CloudGuard AppSec.
  • For CloudGuard AppSec, some agent deployments use a vulnerable OpenSSL library as SSL clients (whereas the vulnerability mainly impacts server side usage of SSL). Regardless, an updated version of those agents is published. Customers with agent upgrade mode set to "Automatic", receive the fixed version automatically. For additional information, refer to this article.

Check Point provides preventive behavioral protections for these vulnerabilities:

Give us Feedback
Please rate this document