CVE-2024-24919

Published May 28, 2024

Last updated 2 months ago

Exploit knownCVSS high 8.6

Overview

Description
Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available.
Source
cve@checkpoint.com
NVD status
Analyzed

Insights

Analysis from the Intruder Security Team
Published Oct 15, 2024

This vulnerability affects Check Point Security Gateways. Active exploitation has been identified, and public proof of concepts have also been released.

More information is available in our blog post here.

Risk scores

CVSS 3.1

Type
Primary
Base score
8.6
Impact score
4
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Severity
HIGH

Known exploits

Data from CISA

Vulnerability name
Check Point Quantum Security Gateways Information Disclosure Vulnerability
Exploit added on
May 30, 2024
Exploit action due
Jun 20, 2024
Required action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Weaknesses

cve@checkpoint.com
CWE-200
nvd@nist.gov
NVD-CWE-noinfo

Social media

Hype score
Not currently trending

  1. This dork is for CVE-2024-24919. tá hackeando ainda seu safado bigodudo? é você, hahahahahahahaha

    @oicaradepiolho

    8 Mar 2025

    23 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CCP Hackers Exploit VPN Flaw to Target Global OT Organizations Chinese Communist Party (CCP) hackers exploited CVE-2024-24919 in Check Point gateways, using lateral movement and the ShadowPad backdoor to penetrate global OT organizations and small manufacturers, stealing IP fro

    @jianhua266

    3 Mar 2025

    8 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. 中共网络黑客利用VPN漏洞 攻击全球OT组织 中共黑客通过Check Point安全网关中的CVE-2024-24919漏洞,并进行横向移动并部署ShadowPad后门等手段,渗透全球多家运营技术(OT)组织及相关小型制造企业,窃取了其航空航天供应链等关键行业的知识产权。 https://t.co/oAHrb8xBSl

    @jianhua266

    3 Mar 2025

    20 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. CCP Hackers Exploit VPN Flaw to Target Global OT Organizations Chinese Communist Party (CCP) hackers exploited CVE-2024-24919 in Check Point gateways, using lateral movement and the ShadowPad backdoor to penetrate global OT organizations and small manufacturers, stealing IP fro

    @lili0432

    3 Mar 2025

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. CCP Hackers Exploit VPN Flaw to Target Global OT Organizations Chinese Communist Party (CCP) hackers exploited CVE-2024-24919 in Check Point gateways, using lateral movement and the ShadowPad backdoor to penetrate global OT organizations and small manufacturers, stealing IP f ht

    @wu96777

    3 Mar 2025

    18 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. 中共网络黑客利用VPN漏洞 攻击全球OT组织 中共黑客通过Check Point安全网关中的CVE-2024-24919漏洞,并进行横向移动并部署ShadowPad后门等手段,渗透全球多家运营技术(OT)组织及相关小型制造企业,窃取了其航空航天供应链等关键行业的知识产权。 #中共APT #VPN漏洞 #OT组织 https://t.co/ebtPr6ViJz

    @BaiXiao77777

    3 Mar 2025

    40 Impressions

    3 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. CCP Hackers Exploit VPN Flaw to Target Global OT Organizations Chinese Communist Party (CCP) hackers exploited CVE-2024-24919 in Check Point gateways, using lateral movement and the ShadowPad backdoor to penetrate global OT organizations and small manufacturers, stealing IP http

    @BaiXiao77777

    3 Mar 2025

    26 Impressions

    3 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. 中共网络黑客利用VPN漏洞 攻击全球OT组织 中共黑客通过Check Point安全网关中的CVE-2024-24919漏洞,并进行横向移动并部署ShadowPad后门等手段,渗透全球多家运营技术(OT)组织及相关小型制造企业,窃取了其航空航天供应链等关键行业的知识产权。 https://t.co/fQXQsWZsh3

    @Richard44342743

    3 Mar 2025

    11 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. 中共网络黑客利用VPN漏洞 攻击全球OT组织 中共黑客通过Check Point安全网关中的CVE-2024-24919漏洞,并进行横向移动并部署ShadowPad后门等手段,渗透全球多家运营技术(OT)组织及相关小型制造企业,窃取了其航空航天供应链等关键行业的知识产权。 https://t.co/hrBKX2W11e

    @maomao80889912

    3 Mar 2025

    8 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. CCP Hackers Exploit VPN Flaw to Target Global OT Organizations Chinese Communist Party (CCP) hackers exploited CVE-2024-24919 in Check Point gateways…… #CCPAPT #VPNFlaw #OTOrganizations #AerospaceSupplyChain #IPTheft #ShadowPad #Cybersecurity #CCPThreat #ChineseCommunistParty h

    @mingshi69155031

    3 Mar 2025

    8 Impressions

    1 Retweet

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  11. حمله گروه Winnti، توسط آسیب‌پذیری CVE-2024-24919 برای نفوذ به سازمان‌های (OT) در سراسر جهان #Cyber_Security_News #اخبار_امنیت_سایبری #Check_Point #Green_Nailao #PlugX #ShadowPad #Winnti #CVE_2024_24919 https://t.co/aAs7Dp0Nrv

    @vulnerbyte

    1 Mar 2025

    12 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  12. Threat Alert: Chinese Hackers Exploit Check Point VPN Zero-Day to Target Organizations Globall CVE-2024-24919 Severity: ⚠️ Critical Maturity: 💥 Mainstream Learn more: https://t.co/VSyIZ6NPp3 #CyberSecurity #ThreatIntel #InfoSec

    @fletch_ai

    1 Mar 2025

    12 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  13. به تازگی باج افزاری با نام NailaoLocker منتشر شده است که از آسیب پذیری با کد شناسایی CVE-2024-24919 برای گرفتن دسترسی اولیه استفاده می کند ، از متد dll sideloading و با تزریق فایل (sensapi.dll) در پروسس قانونی (usysdiag.exe) خود را اجرا می کند. https://t.co/Poz3aKY03t https://t.c

    @AmirHossein_sec

    26 Feb 2025

    13 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  14. CCP Hackers Target European Healthcare Institutions Chinese Communist Party (CCP) hackers have recently initiated cyberattacks on European healthcare institutions using the latest spyware ransomware. They exploited a vulnerability (CVE-2024-24919) in a product from an Israeli htt

    @lili0432

    24 Feb 2025

    30 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  15. CCP Hackers Target European Healthcare Institutions Chinese Communist Party (CCP) hackers have recently initiated cyberattacks on European healthcare institutions using the latest spyware ransomware. They exploited a vulnerability (CVE-2024-24919) in a product from an Israeli htt

    @wu96777

    24 Feb 2025

    20 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  16. CCP Hackers Target European Healthcare Institutions Chinese Communist Party (CCP) hackers have recently initiated cyberattacks on European healthcare institutions using the latest spyware ransomware. They exploited a vulnerability (CVE-2024-24919) in a product from an Israeli ht

    @BaiXiao77777

    24 Feb 2025

    74 Impressions

    2 Retweets

    3 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  17. CCP Hackers Target European Healthcare Institutions Chinese Communist Party (CCP) hackers have recently initiated cyberattacks on European healthcare institutions using the latest spyware ransomware. They exploited a vulnerability (CVE-2024-24919) in a product from an Israeli ht

    @Freemilesguo_7

    24 Feb 2025

    14 Impressions

    2 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  18. CCP Hackers Target European Healthcare Institutions Chinese Communist Party (CCP) hackers have recently initiated cyberattacks on European healthcare institutions using the latest spyware ransomware. They exploited a vulnerability (CVE-2024-24919) in a product from an Israeli ht

    @maomao80889912

    24 Feb 2025

    43 Impressions

    2 Retweets

    3 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  19. 中共黑客组织瞄准欧洲医疗机构 中共黑客组织近期使用最新间谍勒索软件,针对欧洲医疗机构展开了网络攻击,包括利用了一家以色列网络安全公司产品中CVE-2024-24919的漏洞。在目标系统中植入了最新被发现的勒索软件NailaoLocke。 #中共黑客 #欧洲医疗机构 #中共间谍活动 #勒索软件 #网络安全漏洞 https://t.co/dRtrzCVOE4

    @Freemilesguo_7

    23 Feb 2025

    7 Impressions

    2 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  20. 中共黑客组织瞄准欧洲医疗机构 中共黑客组织近期使用最新间谍勒索软件,针对欧洲医疗机构展开了网络攻击,包括利用了一家以色列网络安全公司产品中CVE-2024-24919的漏洞。在目标系统中植入了最新被发现的勒索软件NailaoLocke。 #中共黑客 #欧洲医疗机构 #中共间谍活动 #勒索软件 #网络安全漏洞 https://t.co/wDKkfH8jmG

    @BaiXiao77777

    23 Feb 2025

    54 Impressions

    2 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  21. 中共黑客组织瞄准欧洲医疗机构 中共黑客组织近期使用最新间谍勒索软件,针对欧洲医疗机构展开了网络攻击,包括利用了一家以色列网络安全公司产品中CVE-2024-24919的漏洞。在目标系统中植入了最新被发现的勒索软件…… #中共黑客 #欧洲医疗机构 #中共间谍活动 #勒索软件 #网络安全漏洞 #中共威胁 https://t.co/WlN0TH8eAu

    @mingshi69155031

    23 Feb 2025

    12 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  22. 中共黑客组织瞄准欧洲医疗机构 中共黑客组织近期使用最新间谍勒索软件,针对欧洲医疗机构展开了网络攻击,包括利用了一家以色列网络安全公司产品中CVE-2024-24919的漏洞。在目标系统中植入了最新被发现的勒索软件NailaoLocke。 #中共黑客 #欧洲医疗机构 #中共间谍活动 #网络安全漏洞 #中共威胁 https://t.co/y0wG10lhRq

    @zi_liang68058

    23 Feb 2025

    4 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  23. 中共黑客组织瞄准欧洲医疗机构 中共黑客组织近期使用最新间谍勒索软件,针对欧洲医疗机构展开了网络攻击,包括利用了一家以色列网络安全公司产品中CVE-2024-24919的漏洞。在目标系统中植入了最新被发现的勒索软件NailaoLocke。 #中共黑客 #欧洲医疗机构 #中共间谍活动 #勒索软件 #网络安全漏洞 https://t.co/OQdgLU7j3J

    @nihaibuhai7

    23 Feb 2025

    30 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  24. 中共黑客组织瞄准欧洲医疗机构 中共黑客组织近期使用最新间谍勒索软件,针对欧洲医疗机构展开了网络攻击,包括利用了一家以色列网络安全公司产品中CVE-2024-24919的漏洞。在目标系统中植入了最新被发现的勒索软件NailaoLocke。 #中共黑客 #欧洲医疗机构 #中共间谍活动 #勒索软件 #网络安全漏洞 https://t.co/59wrFp7x0Q

    @Richard44342743

    22 Feb 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  25. 中共黑客组织瞄准欧洲医疗机构 中共黑客组织近期使用最新间谍勒索软件,针对欧洲医疗机构展开了网络攻击,包括利用了一家以色列网络安全公司产品中CVE-2024-24919的漏洞。在目标系统中植入了最新被发现的勒索软件NailaoLocke。 #中共黑客 #欧洲医疗机构 #中共间谍活动 #勒索软件 #网络安全漏洞… https://t.co/NyimhF11qd https://t.co/ManEd8MEoU

    @11127Lau

    22 Feb 2025

    179 Impressions

    13 Retweets

    9 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  26. European healthcare orgs targeted with NailaoLocker ransomware https://t.co/FgxyR8ALhh After initially compromising Check Point Security Gateways through the exploitation of the CVE-2024-24919 vulnerability, Green Nailao proceeded to deliver a stealthier variant of the ShadowP…

    @f1tym1

    21 Feb 2025

    12 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  27. European healthcare orgs targeted with NailaoLocker ransomware https://t.co/AZmQJreSfQ After initially compromising Check Point Security Gateways through the exploitation of the CVE-2024-24919 vulnerability, Green Nailao proceeded to deliver a stealthier variant of the ShadowP…

    @f1tym1

    21 Feb 2025

    11 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  28. 💉 NailaoLocker Ransomware Hits EU Healthcare—Exploits Check Point Flaw! Chinese-linked NailaoLocker ransomware is attacking European hospitals, leveraging CVE-2024-24919. It encrypts data but lacks advanced evasion. Is this cyber-espionage or a financial play? Patch now &

    @dCypherIO

    20 Feb 2025

    23 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  29. A new ransomware strain, dubbed NailaoLocker, has been discovered targeting healthcare organizations across Europe. This malicious payload is being deployed in attacks that exploit CVE-2024-24919 (CVSS: 7.5), a vulnerability in Check Point Security Gateways. The attackers are… h

    @cytexsmb

    20 Feb 2025

    38 Impressions

    2 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  30. A new ransomware strain, NailaoLocker, has targeted European healthcare organizations from June to October 2024, exploiting CVE-2024-24919 in Check Point Security Gateway. https://t.co/DsrUXDJQvN

    @securityRSS

    20 Feb 2025

    20 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  31. 🔴 Un nuevo ransomware llamado NailaoLocker dirigió ataques a la vulnerabilidad de Check Point Security Gateway CVE-2024-24919 para obtener acceso a redes específicas y desplegar el malware ShadowPad y PlugX. 🧉 https://t.co/nUSkna0StS

    @MarquisioX

    20 Feb 2025

    40 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  32. ❗קבוצת הכופר NailaoLocker תוקפת ארגוני בריאות באירופה. בין יוני לאוקטובר 2024, זוהתה נוזקת כופר חדשה בשם NailaoLocker במתקפות על ארגוני בריאות באירופה. מחקר של חברת Orange Cyberdefense מציין כי התוקפים ניצלו את חולשת CVE-2024-24919 במערכות של Check P… https://t.co/CfsFS77bFe h

    @CyberIL

    20 Feb 2025

    16 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  33. ハニーポット観測:VPN機能の脆弱性(CVE-2024-24919)を狙う攻撃に関する観測内容 https://t.co/N7KrJBbMdZ #Qiita

    @yousukezan

    26 Dec 2024

    440 Impressions

    0 Retweets

    5 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

  34. 🚨 بررسی آسیب‌پذیری CVE-2024-24919 در Check Point VPN 🔍 یک آسیب‌پذیری Arbitrary File Read که می‌تواند به دسترسی غیرمجاز به فایل‌های حساس منجر شود. ویدیو و PoC کامل رو در کانال تلگرام مشاهده کنید! 🔐 📩 کانال تلگرام https://t.co/X5ZBNGOJFK #CVE #PenetrationTesting #GOTOCVE

    @soltanali0

    28 Nov 2024

    245 Impressions

    0 Retweets

    10 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  35. ANOUT cve-2024-24919 Hello, I want to ask, I have a repaired patch now, but I can't find the path file with the vulnerability. How to compare and find the vulnerability point

    @moon_924_moon

    17 Nov 2024

    36 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  36. Think VPNs keep you secure? Think again. Our latest article exposes shocking vulnerabilities like CVE-2024-24919 and CVE-2024-21762 that hackers are already exploiting. Don’t miss out—learn how to truly protect your networks! https://t.co/54wYCzTDja @three_cube https://t.co/TTD

    @_aircorridor

    3 Nov 2024

    1115 Impressions

    5 Retweets

    12 Likes

    7 Bookmarks

    0 Replies

    0 Quotes

  37. # CVE-2024-24919 Its a **High-Severity** information disclosure vulnerability that allows a attacker to remotely read arbitrary files on a check point security gateway. ShodanDork😀: http.title:"Check Point SSL Network Extender” POC:- https://t.co/kC8VEE73eD https://t.co/vUNCUWs

    @0xgh057r3c0n

    21 Oct 2024

    97 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  38. お知らせ:CyberNewsFlash「Check Point Software Technologies社製品のVPN機能における情報漏えいの脆弱性(CVE-2024-24919)について」(更新) https://t.co/th09Cf8QN4

    @AileenWoodstock

    19 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

References