TLS Validation Vulnerability in Check Point Products
CVE-2025-2028

6.5MEDIUM

Key Information:

Vendor: Checkpoint
Status: Check Point Management Log Server
Vendor: CVE Published:; 6 August 2025

What is CVE-2025-2028?

A vulnerability exists in Check Point products that fails to validate TLS when downloading CSV files, which include mappings of IPs to countries. This issue poses a risk as it can allow for the potential manipulation of log data that displays country flags, potentially leading to unauthorized access or exposure of sensitive information. To mitigate risks, users should ensure proper validation mechanisms are in place and follow best practices for securing data exports.

Affected Version(s)

Check Point Management Log Server versions R81.10, R81.20, R82

References

https://support.checkpoint.com/results/sk/sk183349

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 6, 2025
Vulnerability Reserved
Mar 6, 2025

Checkpoint

What is CVE-2025-2028?

Affected Version(s)

References

CVSS V3.1

Timeline