CVE-2024-24919 is a vulnerability in Checkpoint Cloudguard Network Security
Published on May 28, 2024
Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available.
Known Exploited Vulnerability
This Check Point Quantum Security Gateways Information Disclosure Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. Check Point Quantum Security Gateways contain an unspecified information disclosure vulnerability. The vulnerability potentially allows an attacker to access information on Gateways connected to the internet, with IPSec VPN, Remote Access VPN or Mobile Access enabled. This issue affects several product lines from Check Point, including CloudGuard Network, Quantum Scalable Chassis, Quantum Security Gateways, and Quantum Spark Appliances.
The following remediation steps are recommended / required by June 20, 2024: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Vulnerability Analysis
CVE-2024-24919 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Products Associated with CVE-2024-24919
You can be notified by stack.watch whenever vulnerabilities like CVE-2024-24919 are published in these products:
What versions of Cloudguard Network Security are vulnerable to CVE-2024-24919?
Each of the following must match for the vulnerability to exist.
- Checkpoint Cloudguard Network Security Version r81.20
- Checkpoint Cloudguard Network Security Version r81.10
- Checkpoint Cloudguard Network Security Version r81.0
- Checkpoint Cloudguard Network Security Version r80.40
Each of the following must match for the vulnerability to exist.
Each of the following must match for the vulnerability to exist.
Each of the following must match for the vulnerability to exist.
Each of the following must match for the vulnerability to exist.
Each of the following must match for the vulnerability to exist.