heartbleedCheck Point just updated SK 100173 which references the new OpenSSL vulnerability. According to the SK article the following products are not affected:

Security Gateway
Security Management Server
Multi-Domain Security Management Server
Endpoint Security Management Server
Endpoint Connect clients
SSL Network Extender (SNX)
61000 Data Center Security Appliances
21000 Data Center Security Appliances
2000 / 4000 / 12000 / 13500 Appliances
Power-1 / UTM-1 / VSX-1 / DDoS / Smart-1 Appliances
IP Series Appliances
600 appliances
1100 appliances
Edge devices
Safe@Office devices

 

 

The above list includes the following operating systems: Gaia, Gaia Embedded, SecurePlatform 2.6, SecurePlatform Embedded, IPSO 4.x, IPSO 5.x, IPSO 6.2.

Basically if you are on a supported platform, you are not vulnerable to CVE-2014-0160

Still under investigation though are the Mobile VPN clients for iOS and Android.

Heartbleed CVE-2014-0160 and Check Point

Leave a Reply

Your email address will not be published. Required fields are marked *