Description Preview
CVE-2024-24919 is a vulnerability identified in Check Point's security products, specifically the Quantum Gateway, Spark Gateway, and CloudGuard Network. The vulnerability arises from improper handling of sensitive information, potentially allowing unauthorized actors to access certain data once the affected devices are connected to the internet and have remote Access VPN or Mobile Access Software Blades enabled. A security fix has been released to mitigate this vulnerability, and users are strongly advised to apply the necessary updates to protect their systems.
Overview
- CVE ID: CVE-2024-24919
- Vendor: Check Point
- Affected Products:
- Check Point Quantum Gateway and CloudGuard Network versions R81.20, R81.10, R81, R80.40
- Check Point Spark versions R81.10, R80.20
- Vulnerability Type: Information Disclosure
- CWE Classification: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
- CVSS Score: 8.6 (High)
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Confidentiality Impact: High
- Integrity Impact: None
- Availability Impact: None
Remediation
Check Point has released a security fix to address CVE-2024-24919. Users of the affected products are advised to update their systems to the latest versions as specified by Check Point. Detailed instructions for applying the security fix can be found in the official support documentation linked below.
References
- Check Point Support - Security Knowledge Base Article
- CISA Known Exploited Vulnerabilities Catalog (CVE-2024-24919 added on 2024-05-30)
Early Warning
Customers using Armis Early Warning were notified about this vulnerability before it appeared in CISA's Known Exploited Vulnerabilities Catalog, enabling them to assess their exposure and act proactively. Armis offers these examples of CVEs already included in CISA KEV for potential customers. Click here to learn how to receive alerts earlier.
- Armis Alert Date
- May 28, 2024
- CISA KEV Date
- May 30, 2024
2days early
Industry ExposureMost to leastThis section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.
This section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.
- Professional, Scientific, & Technical ServicesProfessional, Scientific, & Technical Services: Low
- Finance and InsuranceFinance and Insurance: Low
- Accommodation & Food ServicesAccommodation & Food Services: Low
- Administrative, Support, Waste Management & Remediation ServicesAdministrative, Support, Waste Management & Remediation Services: Low
- Agriculture, Forestry Fishing & HuntingAgriculture, Forestry Fishing & Hunting: Low
- Arts, Entertainment & RecreationArts, Entertainment & Recreation: Low
- ConstructionConstruction: Low
- Educational ServicesEducational Services: Low
- Health Care & Social AssistanceHealth Care & Social Assistance: Low
- InformationInformation: Low
- Management of Companies & EnterprisesManagement of Companies & Enterprises: Low
- ManufacturingManufacturing: Low
- MiningMining: Low
- Other Services (except Public Administration)Other Services (except Public Administration): Low
- Public AdministrationPublic Administration: Low
- Real Estate Rental & LeasingReal Estate Rental & Leasing: Low
- Retail TradeRetail Trade: Low
- Transportation & WarehousingTransportation & Warehousing: Low
- UtilitiesUtilities: Low
- Wholesale TradeWholesale Trade: Low
