Check Point VPN Zero-Day Vulnerability Exploited
May 31, 2024

A critical security vulnerability (CVE-2024-24919) affects Check Point VPN products. Attackers can potentially read sensitive information on vulnerable Check Point firewalls and are actively exploiting this flaw to gain access to corporate networks.

Remote access scenarios with weak password-only authentication are particularly at risk.

What products are affected?

  • CloudGuard Network
  • Quantum Maestro
  • Quantum Scalable Chassis
  • Quantum Security Gateways
  • Quantum Spark Appliances

Versions impacted:

R77.20 (EOL), R77.30 (EOL), R80.10 (EOL), R80.20 (EOL), R80.20.x, R80.20SP (EOL), R80.30 (EOL), R80.30SP (EOL), R80.40 (EOL), R81, R81.10, R81.10.x, R81.20

Check Point has released the following security updates to address the flaw:

  • Quantum Security Gateway and CloudGuard Network Security: R81.20, R81.10, R81, R80.40
  • Quantum Maestro and Quantum Scalable Chassis: R81.20, R81.10, R80.40, R80.30SP, R80.20SP
  • Quantum Spark Gateways: R81.10.x, R80.20.x, R77.20.x

What to do:

  • Apply security updates immediately: Check Point has released hotfixes for most versions. Details and download links can be found here: https://support.checkpoint.com/results/sk/sk182337
  • End-of-Life versions: Manual hotfixes are available but require download and installation.
  • Enhance security (if update is not possible):
      • Update the Active Directory password used by the Security Gateway for authentication.
      • Check Point has created a remote access validation script that can be uploaded onto ‘SmartConsole’ and executed to review the results and take appropriate actions.
      • See Check Point’s Security Bulletin for detailed instructions: https://support.checkpoint.com/results/sk/sk182336

Don’t delay! Patching these vulnerabilities is critical to protecting your network.

How to fully protect your organization from these types of attacks:

Unfortunately, because of zero-day exploits, social engineering attacks, and similar techniques and tactics available to hackers, it is just not possible to fully prevent cybercriminals from infiltrating your computing environment. In circumstances where it is not possible to block the intruder in the first instance, effective cyber defense demands a holistic MDR solution, one that monitors, gathers, and analyzes critical data from both on-premises and cloud environments, integrated with a threat intelligence platform, continuous vulnerability detection, and real-time responses from a 24/7 security operations center staffed by highly skilled analysts and engineers.

Safeguard your organization. Learn more about CloudJacket at https://www.secnap.com/cloudjacket/. Contact us today for a free consultation at 954-350-0712.
