Tel Aviv, Monday, June 3, 2024 – Check Point Software Technologies, a leading cybersecurity firm, urged customers in its blog post 1, to update their Network Security gateway products immediately following the discovery of a critical zero-day vulnerability (CVE-2024-24919).
CheckPoint’s Report on the issue can be seen here.
This designation signifies the flaw was previously unknown and has already been exploited in attacks targeting Check Point’s VPN gateways.
The vulnerability potentially allows attackers to gain unauthorized access to sensitive information on internet-connected gateways. Specifically, it could enable attackers to “read certain information” on devices configured with Remote Access VPN or Mobile Access software blades.
While Check Point hasn’t elaborated on the nature of the information at risk, it underscores the potential severity of the situation. Remote access VPNs are a popular tool for employees working remotely to securely connect to a company’s network.
According to Check Point, the company observed a “small number” of exploitation attempts in late May 2024.
These attacks specifically targeted “old VPN local accounts” that relied on password-only authentication, a method considered insecure by cybersecurity best practices.
Check Point has swiftly responded by releasing security patches for affected gateway products.
These include CloudGuard Network Security versions R81.20, R81.10, R80.40, and R80.20, as well as Quantum Security Gateway and Quantum Maestro versions R81.20, R81.10, R80.40, R80.30SP, and R80.20SP.
Additionally, Quantum Spark Gateway versions R81.10.x and R80.20.x, and R77.20.x are also included. CheckPoint says that customers are strongly advised to prioritize applying these updates to mitigate any potential risks.
- blog.checkpoint.com: https://blog.checkpoint.com/security/enhance-your-vpn-security-posture/[↩]