Customer portal
Flash Alert

FLASH Alert – Information Disclosure vulnerability in Check Point’s Quantum Gateway

CVE-2024-24919

CVSS 7.5 HIGH (Provisional)

On 27 May 2024, Check Point disclosed a vulnerability impacting the following products:

  • CloudGuard Network
  • Quantum Maestro
  • Quantum Scalable Chassis
  • Quantum Security Gateways
  • Quantum Spark Appliances

CVE-2024-24919 is an information disclosure vulnerability which would allow an unauthenticated threat actor to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades.

The following versions are known to be affected:

  • R77.20 (EOL)
  • R77.30 (EOL)
  • R80.10 (EOL)
  • R80.20 (EOL)
  • R80.20.x
  • R80.20SP (EOL)
  • R80.30 (EOL)
  • R80.30SP (EOL)
  • R80.40 (EOL)
  • R81, R81.10
  • R81.10.x
  • R81.20

The vulnerability is exploitable on affected systems if ONE of the following conditions is met:

  • The IPsec VPN Blade is enabled, but ONLY when included in the Remote Access VPN  community.
  • The Mobile Access Software Blade is enabled.

Check Point has issued detailed instructions for applying hotfixes to affected services to mitigate this vulnerability.  Additionally, The following has also been recommended:

  • Change the password of the Security Gateway’s account in Active Directory
  • Prevent Local Accounts from connecting to VPN with Password Authentication

The announcement of this vulnerability comes after Check Point identified a small number of login attempts on older local VPN accounts that used an unrecommended password-only authentication method.  This indicates that the vulnerability is being exploited in the wild, and so the recommended hotfixes should be applied as soon as practicable.

Privacy Settings
We use cookies to enhance your experience while using our website. If you are using our Services via a browser you can restrict, block or remove cookies through your web browser settings. We also use content and scripts from third parties that may use tracking technologies. You can selectively provide your consent below to allow such third party embeds. For complete information about the cookies we use, data we collect and how we process them, please check our Privacy Policy
Youtube
Consent to display content from - Youtube
Vimeo
Consent to display content from - Vimeo
Google Maps
Consent to display content from - Google
Spotify
Consent to display content from - Spotify
Sound Cloud
Consent to display content from - Sound