IT security solution Check Point Security Gateway is vulnerable
The developers of Check Point have closed several vulnerabilities in Spark Firewall and Security Gateway.
To protect networks from possible attacks, admins must update the IT security solutions Spark Firewall and Security Gateways from Check Point to the latest version.
Various Dangers
In total, the developers have closed four software vulnerabilities. Three of them (CVE-2026-48131, CVE-2026-48132, CVE-2026-48133) are classified with the threat level “high.” In two cases, attackers can terminate VPN connections by sending specially crafted data packets. Admins can find further information in the security advisories linked below this message.
If the Identity Awareness function is enabled with browser-based authentication, attackers can view internal files of the Security Gateway without authentication. The following Check Point products are affected by the security vulnerabilities:
- Spark Firewall (EOS), R81.10 (EOS), R81.10.X, R81.20, R82, R82.00.X, R82.10
- Security Gateway R77.20 (EOS), R77.30 (EOS), R80.10 (EOS), R80.20 (EOS), R80.20.X (EOS), R80.30 (EOS), R80.40 (EOS), R81
Security Updates
So far, there are no indications of attacks. Admins should ensure that at least one of the following versions is installed:
- Spark Firewalls R81.10.17 – sk183153, R82.00.10 – sk184357
- Security Gateways Jumbo Hotfix Accumulator for R82.10 starting from Take 19, Jumbo Hotfix Accumulator for R82 starting from Take 103, Jumbo Hotfix Accumulator for R81.20 starting from Take 141
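The following Python sketch is an added example, not code from Check Point or the original article. It checks a device inventory against the minimum versions listed above; the CSV columns, host names and status labels are assumptions, and the inventory itself is constructed sample data.

```python
import csv
import io

# Minimum fixed builds, taken from the list above.
GATEWAY_MIN_TAKE = {"R82.10": 19, "R82": 103, "R81.20": 141}  # Jumbo Hotfix Take
SPARK_MIN_BUILD = {"R81.10": 17, "R82.00": 10}                # R81.10.17 / R82.00.10

# Constructed sample inventory (hypothetical hosts and column layout).
INVENTORY = """host,product,version,take
gw-edge-01,gateway,R81.20,141
gw-edge-02,gateway,R82,99
gw-lab-01,gateway,R80.40,
gw-dc-01,gateway,R82.10,
spark-br-01,spark,R81.10.15,
spark-br-02,spark,R82.00.10,
"""

def _compare(found, minimum):
    """Compare a numeric string against the minimum fixed build."""
    if not found.isdigit():
        return "UNKNOWN"          # value missing or malformed in the inventory
    return "OK" if int(found) >= minimum else "UPDATE"

def assess(product, version, take):
    """Return OK, UPDATE, UNKNOWN or NO_FIX_LISTED for one device."""
    if product == "gateway":
        minimum = GATEWAY_MIN_TAKE.get(version)
        if minimum is None:
            return "NO_FIX_LISTED"  # e.g. end-of-support release trains
        return _compare(take, minimum)
    if product == "spark":
        # Spark firmware such as R81.10.15 splits into train R81.10, build 15.
        train, _, build = version.rpartition(".")
        minimum = SPARK_MIN_BUILD.get(train)
        if minimum is None:
            return "NO_FIX_LISTED"
        return _compare(build, minimum)
    return "UNKNOWN"

def audit(inventory_text):
    """Parse the CSV inventory and return (host, status) pairs."""
    rows = csv.DictReader(io.StringIO(inventory_text))
    return [(r["host"], assess(r["product"], r["version"], r["take"].strip()))
            for r in rows]

if __name__ == "__main__":
    for host, status in audit(INVENTORY):
        print(f"{host:12} {status}")
```

Devices reported as NO_FIX_LISTED run a release for which the list above names no fixed build, so they need a manual look at the vendor advisories.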
Security Advisories:
- CVE-2026-48131 - VPND IKE Fragment Reassembly - Heap Out-of-Bounds Write via Sequence Number Zero
- CVE-2026-48132 - VPN service may restart unexpectedly when processing IKE traffic over NAT-T 4500/UDP
- CVE-2026-48133 - Identity Awareness Captive Portal - Unauthenticated Local File Inclusion
- CVE-2026-48134 - SQL injection issue in UserCheck Portal when DLP is active
Such vulnerabilities pose a real threat to the network. Cybercriminals also exploit them more often on Check Point devices to gain unauthorized access to the networks those devices are meant to protect.
(des)