The company said in a statement that it was privately approached by CTS Labs to verify the existence of the flaws but was not paid anything for its efforts. It also stressed that it had no relationship, past or present, with CTS Labs.
"We do not agree in any way with how CTS Labs’ research was published, and find it very irresponsible," Check Point said. "However, we do believe that if the claims made in the publication are found to be correct then it may raise several issues worth discussing, regardless of the way it was handled or reported."
Check Point is also based in Israel and issued its statement on Monday about the flaws, the publication of which caused a considerable amount of negative publicity both for CTS Labs and short-seller Viceroy Research, which issued an apocalyptic report about the flaws, claiming that they would bankrupt AMD.
Adding to the controversy was a Reuters report that found there had been a surge of short-selling of AMD shares in the run-up to the disclosure on Tuesday.
Another company, Trail of Bits, was paid US$16,000 to verify CTS Labs' findings. After initially sounding positive about the discoveries, its chief Dan Guido appeared to play down the significance of the flaws, saying: "There is no immediate risk of exploitation of these vulnerabilities for most users.
"Even if the full details were published today, attackers would need to invest significant development efforts to build attack tools that utilise these vulnerabilities. This level of effort is beyond the reach of most attackers."
Check Point said it had been able to check only two of the vulnerabilities as they related to PC-based AMD hardware; the rest of the flaws were said to affect server AMD hardware and could not be verified.
"To conclude, in our opinion the original CTS Labs report might have been problematically phrased in a way that misrepresented the threat model and impact that the RYZENFALL-1 and RYZENFALL-3 vulnerabilities present," Check Point said.
"However, problematic phrasing aside, after inspecting the technical details of the above, we can indeed verify that these are valid vulnerabilities and the risks they pose should be taken under consideration."