This vulnerability affects Check Point Security Gateways. Active exploitation has been identified, and public proof of concepts have also been released.
More information is available in our blog post here.
- Description
- Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available.
- Source
- cve@checkpoint.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 8.6
- Impact score
- 4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
- Severity
- HIGH
Data from CISA
- Vulnerability name
- Check Point Quantum Security Gateways Information Disclosure Vulnerability
- Exploit added on
- May 30, 2024
- Exploit action due
- Jun 20, 2024
- Required action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
- nvd@nist.gov
- NVD-CWE-noinfo
- cve@checkpoint.com
- CWE-200
- Hype score
- Not currently trending
ハニーポット観測:VPN機能の脆弱性(CVE-2024-24919)を狙う攻撃に関する観測内容 https://t.co/N7KrJBbMdZ #Qiita
@yousukezan
26 Dec 2024
440 Impressions
0 Retweets
5 Likes
2 Bookmarks
0 Replies
0 Quotes
🚨 بررسی آسیبپذیری CVE-2024-24919 در Check Point VPN 🔍 یک آسیبپذیری Arbitrary File Read که میتواند به دسترسی غیرمجاز به فایلهای حساس منجر شود. ویدیو و PoC کامل رو در کانال تلگرام مشاهده کنید! 🔐 📩 کانال تلگرام https://t.co/X5ZBNGOJFK #CVE #PenetrationTesting #GOTOCVE
@soltanali0
28 Nov 2024
245 Impressions
0 Retweets
10 Likes
0 Bookmarks
0 Replies
0 Quotes
ANOUT cve-2024-24919 Hello, I want to ask, I have a repaired patch now, but I can't find the path file with the vulnerability. How to compare and find the vulnerability point
@moon_924_moon
17 Nov 2024
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Think VPNs keep you secure? Think again. Our latest article exposes shocking vulnerabilities like CVE-2024-24919 and CVE-2024-21762 that hackers are already exploiting. Don’t miss out—learn how to truly protect your networks! https://t.co/54wYCzTDja @three_cube https://t.co/TTD
@_aircorridor
3 Nov 2024
1115 Impressions
5 Retweets
12 Likes
7 Bookmarks
0 Replies
0 Quotes
# CVE-2024-24919 Its a **High-Severity** information disclosure vulnerability that allows a attacker to remotely read arbitrary files on a check point security gateway. ShodanDork😀: http.title:"Check Point SSL Network Extender” POC:- https://t.co/kC8VEE73eD https://t.co/vUNCUWs
@0xgh057r3c0n
21 Oct 2024
97 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
お知らせ:CyberNewsFlash「Check Point Software Technologies社製品のVPN機能における情報漏えいの脆弱性(CVE-2024-24919)について」(更新) https://t.co/th09Cf8QN4
@AileenWoodstock
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:checkpoint:quantum_security_gateway_firmware:r80.40:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A0002A29-8B42-445D-9EC4-58BC93194241"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:checkpoint:quantum_security_gateway:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9016DDF6-285C-4E64-88D0-29ECCEF048F8"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:cloudguard_network_security:r80.40:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A382E0DC-2BBA-4EC9-A695-8062C3DC405D"
},
{
"criteria": "cpe:2.3:a:checkpoint:cloudguard_network_security:r81.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3B134BAA-A9A2-4060-9CDE-3AB9770F07FF"
},
{
"criteria": "cpe:2.3:a:checkpoint:cloudguard_network_security:r81.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4FCE5DC3-745A-4FC4-A2EF-AC4931E2A630"
},
{
"criteria": "cpe:2.3:a:checkpoint:cloudguard_network_security:r81.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "121E2863-57A8-41F1-B7E0-B41600959A5E"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:checkpoint:quantum_security_gateway_firmware:r81.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "26705EAD-B1B6-40DB-8C10-1070E92E86F3"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:checkpoint:quantum_security_gateway:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9016DDF6-285C-4E64-88D0-29ECCEF048F8"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:checkpoint:quantum_security_gateway_firmware:r81.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AD9F864E-435C-4753-9831-EDBE4ABD7B31"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:checkpoint:quantum_security_gateway:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9016DDF6-285C-4E64-88D0-29ECCEF048F8"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:checkpoint:quantum_security_gateway_firmware:r81.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E8E08B0C-4876-40A9-A422-3D327501F531"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:checkpoint:quantum_security_gateway:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9016DDF6-285C-4E64-88D0-29ECCEF048F8"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:checkpoint:quantum_spark_firmware:r81.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BD5A3388-8310-4FA4-AD07-771F2E983674"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:checkpoint:quantum_spark:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "FC94897D-88D2-4F56-BEBC-04899FE17197"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:checkpoint:quantum_spark_firmware:r80.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0F325578-5CB0-486A-BD44-18E4BFB52441"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:checkpoint:quantum_spark:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "FC94897D-88D2-4F56-BEBC-04899FE17197"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]