This vulnerability affects Check Point Security Gateways. Active exploitation has been identified, and public proof of concepts have also been released.
More information is available in our blog post here.
Insights
Analysis from the Intruder Security Team
Published Oct 15, 2024
Overview
- Description
- Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available.
- Source
- cve@checkpoint.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 8.6
- Impact score
- 4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
- Severity
- HIGH
Known exploits
Data from CISA
- Vulnerability name
- Check Point Quantum Security Gateways Information Disclosure Vulnerability
- Exploit added on
- May 30, 2024
- Exploit action due
- Jun 20, 2024
- Required action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
- cve@checkpoint.com
- CWE-200
Social media
- Hype score
- Not currently trending
お知らせ:CyberNewsFlash「Check Point Software Technologies社製品のVPN機能における情報漏えいの脆弱性(CVE-2024-24919)について」(更新) https://t.co/th09Cf8QN4
@AileenWoodstock
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Think VPNs keep you secure? Think again. Our latest article exposes shocking vulnerabilities like CVE-2024-24919 and CVE-2024-21762 that hackers are already exploiting. Don’t miss out—learn how to truly protect your networks! https://t.co/54wYCzTDja @three_cube https://t.co/TTD
@_aircorridor
Nov 3, 2024 7:44 PM
1115 Impressions
5 Retweets
12 Likes
7 Bookmarks
0 Replies
0 Quotes
# CVE-2024-24919 Its a **High-Severity** information disclosure vulnerability that allows a attacker to remotely read arbitrary files on a check point security gateway. ShodanDork😀: http.title:"Check Point SSL Network Extender” POC:- https://t.co/kC8VEE73eD https://t.co/vUNCUWs
@_G4UR4V007_
Oct 21, 2024 8:13 PM
97 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:checkpoint:quantum_security_gateway_firmware:r80.40:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A0002A29-8B42-445D-9EC4-58BC93194241"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:checkpoint:quantum_security_gateway:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9016DDF6-285C-4E64-88D0-29ECCEF048F8"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:checkpoint:cloudguard_network_security:r80.40:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A382E0DC-2BBA-4EC9-A695-8062C3DC405D"
},
{
"criteria": "cpe:2.3:a:checkpoint:cloudguard_network_security:r81.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3B134BAA-A9A2-4060-9CDE-3AB9770F07FF"
},
{
"criteria": "cpe:2.3:a:checkpoint:cloudguard_network_security:r81.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4FCE5DC3-745A-4FC4-A2EF-AC4931E2A630"
},
{
"criteria": "cpe:2.3:a:checkpoint:cloudguard_network_security:r81.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "121E2863-57A8-41F1-B7E0-B41600959A5E"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:checkpoint:quantum_security_gateway_firmware:r81.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "26705EAD-B1B6-40DB-8C10-1070E92E86F3"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:checkpoint:quantum_security_gateway:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9016DDF6-285C-4E64-88D0-29ECCEF048F8"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:checkpoint:quantum_security_gateway_firmware:r81.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AD9F864E-435C-4753-9831-EDBE4ABD7B31"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:checkpoint:quantum_security_gateway:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9016DDF6-285C-4E64-88D0-29ECCEF048F8"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:checkpoint:quantum_security_gateway_firmware:r81.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E8E08B0C-4876-40A9-A422-3D327501F531"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:checkpoint:quantum_security_gateway:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9016DDF6-285C-4E64-88D0-29ECCEF048F8"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:checkpoint:quantum_spark_firmware:r81.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BD5A3388-8310-4FA4-AD07-771F2E983674"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:checkpoint:quantum_spark:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "FC94897D-88D2-4F56-BEBC-04899FE17197"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:checkpoint:quantum_spark_firmware:r80.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0F325578-5CB0-486A-BD44-18E4BFB52441"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:checkpoint:quantum_spark:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "FC94897D-88D2-4F56-BEBC-04899FE17197"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]