Actively exploited vulnerability

CVE-2024-24919: Check Point Quantum Security Gateways Information Disclosure Vulnerability

Check Point Quantum Security Gateways contain an unspecified information disclosure vulnerability. The vulnerability potentially allows an attacker to access information on Gateways connected to the internet, with IPSec VPN, Remote Access VPN or Mobile Access enabled. This issue affects several product lines from Check Point, including CloudGuard Network, Quantum Scalable Chassis, Quantum Security Gateways, and Quantum Spark Appliances.

CISA KEV source 30 May 2024 added 20 Jun 2024 remediation due

Affected product

Check Point ยท Quantum Security Gateways

Known ransomware use: Known

Required action

Follow the source advisory and validate exposure in your environment.

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Related Yasna coverage

Recent reporting that mentions CVE-2024-24919.