Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-24919

Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available.

Published

2024-05-28T19:15:10.060

Last Modified

2025-10-24T13:54:22.343

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 8.6 (HIGH)

Weaknesses

Type: Secondary
CWE-200
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	checkpoint	quantum_spark_firmware	r80.40	Yes
Hardware	checkpoint	quantum_spark	-	No
Operating System	checkpoint	quantum_spark_firmware	r81	Yes
Hardware	checkpoint	quantum_spark	-	No
Operating System	checkpoint	quantum_security_gateway_firmware	r80.40	Yes
Hardware	checkpoint	quantum_security_gateway	-	No
Application	checkpoint	cloudguard_network_security	r80.40	Yes
Application	checkpoint	cloudguard_network_security	r81	Yes
Application	checkpoint	cloudguard_network_security	r81.10	Yes
Application	checkpoint	cloudguard_network_security	r81.20	Yes
Operating System	checkpoint	quantum_security_gateway_firmware	r81.20	Yes
Hardware	checkpoint	quantum_security_gateway	-	No
Operating System	checkpoint	quantum_security_gateway_firmware	r81.10	Yes
Hardware	checkpoint	quantum_security_gateway	-	No
Operating System	checkpoint	quantum_security_gateway_firmware	r81	Yes
Hardware	checkpoint	quantum_security_gateway	-	No
Operating System	checkpoint	quantum_spark_firmware	r81.10	Yes
Hardware	checkpoint	quantum_spark	-	No
Operating System	checkpoint	quantum_spark_firmware	r80.20	Yes
Hardware	checkpoint	quantum_spark	-	No

References

https://support.checkpoint.com/results/sk/sk182336 Mitigation, Patch, Vendor Advisory ([email protected])
https://support.checkpoint.com/results/sk/sk182336 Mitigation, Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-24919 US Government Resource (134c704f-9b21-4f2e-91b3-4a467353bcc0)
https://www.mnemonic.io/resources/blog/advisory-check-point-remote-access-vpn-vulnerability-cve-2024-24919/ Third Party Advisory (134c704f-9b21-4f2e-91b3-4a467353bcc0)