Check Point has released hotfixes for a VPN zero-day vulnerability exploited in attacks to gain remote access to firewalls and attempt to breach corporate networks.
Tracked as CVE-2024-24919, the high-severity information disclosure vulnerability enables attackers to read certain information on internet-exposed Check Point Security Gateways with remote Access VPN or Mobile Access Software Blades enabled.
“The vulnerability potentially allows an attacker to read certain information on Internet-connected Gateways with remote access VPN or mobile access enabled,” reads an update on Check Point’s previous advisory.
Check Point created a FAQ page with additional information about CVE-2024-24919, IPS signature, and manual hotfix installation instructions.
Check Point has created a remote access validation script that can be uploaded onto ‘SmartConsole’ and executed to review the results and take appropriate actions.
Hackers target Check Point VPNs to breach enterprise networks.