CVE-2024-24919

Description

Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available.

From the Tenable Blog

CVE-2024-24919: Check Point Security Gateway Information Disclosure Zero-Day Exploited in the Wild

Published: 2024-05-29

Amid warnings of threat actors targeting VPN devices, Check Point has identified a zero-day information disclosure vulnerability impacting Check Point Network Security gateways which has been exploited by malicious actors.

References

https://www.darkreading.com/ics-ot-security/chinese-apt-vpn-bug-worldwide-ot-orgs

https://blog.checkpoint.com/security/check-point-research-explains-shadow-pad-nailaolocker-and-its-protection/

https://www.bleepingcomputer.com/news/security/new-nailaolocker-ransomware-used-against-eu-healthcare-orgs/

https://therecord.media/china-linked-hackers-target-european-health-orgs

https://thehackernews.com/2025/02/chinese-linked-attackers-exploit-check.html

https://www.orangecyberdefense.com/global/blog/cert-news/meet-nailaolocker-a-ransomware-distributed-in-europe-by-shadowpad-and-plugx-backdoors

https://thehackernews.com/2024/09/chinese-hackers-exploit-visual-studio.html

https://www.tenable.com/blog/aa24-241a-joint-cybersecurity-advisory-on-iran-based-cyber-actors-targeting-us-organizations

https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-241a

https://www.greynoise.io/blog/whats-going-on-with-checkpoint-cve-2024-24919

https://thehackernews.com/2024/05/cisa-alerts-federal-agencies-to-patch.html

https://www.bleepingcomputer.com/news/security/check-point-vpn-zero-day-exploited-in-attacks-since-april-30/

https://blog.checkpoint.com/security/enhance-your-vpn-security-posture

https://support.checkpoint.com/results/sk/sk182336

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3