Check Point released a fix to handle a vulnerability undergoing exploitation that could allow an attacker to read certain information on Internet-connected gateways with remote access VPN or mobile access enabled.

Check Point released a solution, as a preventative measure, to address these unauthorized remote access attempts.

The vulnerability could allow an attacker to read certain information on Internet-connected Gateways with remote access VPN or mobile access enabled,” Check Point said.

The issue impacts CloudGuard Network, Quantum Maestro, Quantum Scalable Chassis, Quantum Security Gateways, and Quantum Spark appliances.

Hotfixes are available in the following versions:

Schneider Bold
  • Quantum Security Gateway and CloudGuard Network Security Versions – R81.20, R81.10, R81, R80.40
  • Quantum Maestro and Quantum Scalable Chassis – R81.20, R81.10, R80.40, R80.30SP, R80.20SP
  • Quantum Spark Gateways Version – R81.10.x, R80.20.x, R77.20.x

This fix and advisory comes days after the Israel-based cybersecurity company warned of attacks targeting its VPN devices to infiltrate enterprise networks.

CVE-2024-24919 is the case number for the vulnerability, which has a CVSS base score of 7.5.

CISA added this vulnerability to its Known Exploited Vulnerabilities Catalog.

Check Point said users could enhance their VPN security posture by:

  • Check if you have local accounts, if they were used and by whom.
  • If you don’t use them – best to disable them.
  • If you have local accounts which you want to use and are password-only authenticated, add another layer of authentication (like certificates) to increase your environments IT security.
  • As said, If you are a Check Point user, deploy the fix on the Security Gateways. This will automatically prevent unauthorized access to your VPNs by local accounts with password-only authentication method.
ISSSource

Pin It on Pinterest

Share This