Exploited
high
8.6
CWE
200
Advisory Published
Updated

CVE-2024-24919: Check Point Quantum Security Gateways Information Disclosure Vulnerability

First published: Tue May 28 2024(Updated: )

Check Point Quantum Security Gateways contain an unspecified information disclosure vulnerability. The vulnerability potentially allows an attacker to access information on Gateways connected to the internet, with IPSec VPN, Remote Access VPN or Mobile Access enabled. This issue affects several product lines from Check Point, including CloudGuard Network, Quantum Scalable Chassis, Quantum Security Gateways, and Quantum Spark Appliances.

Credit: cve@checkpoint.com cve@checkpoint.com

Affected SoftwareAffected VersionHow to fix
Check Point Security Gateway
All of
Check Point Security Gateway=r80.40
Check Point Security Gateway
Check Point CloudGuard Network Security=r80.40
Check Point CloudGuard Network Security=r81.0
Check Point CloudGuard Network Security=r81.10
Check Point CloudGuard Network Security=r81.20
All of
Check Point Security Gateway=r81.20
Check Point Security Gateway
All of
Check Point Security Gateway=r81.10
Check Point Security Gateway
All of
Check Point Security Gateway=r81.0
Check Point Security Gateway
All of
Checkpoint Quantum Spark Firmware=r81.10
Checkpoint Quantum Spark Firmware
All of
Checkpoint Quantum Spark Firmware=r80.20
Checkpoint Quantum Spark Firmware

Remedy

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Remedy

https://support.checkpoint.com/results/sk/sk182336

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2024-24919?

    The severity level of CVE-2024-24919 has not been explicitly stated, but it involves an information disclosure vulnerability that can be serious in nature.

  • How do I fix CVE-2024-24919?

    To fix CVE-2024-24919, apply the latest firmware updates for the affected Check Point Quantum Security Gateways as provided by the vendor.

  • Which versions of Check Point products are affected by CVE-2024-24919?

    CVE-2024-24919 affects Check Point Quantum Security Gateways running the R80.40 and R81.x firmware versions.

  • What types of environments are impacted by CVE-2024-24919?

    CVE-2024-24919 impacts environments with Check Point Quantum Security Gateways that have IPSec VPN, Remote Access VPN, or Mobile Access enabled and connected to the internet.

  • Is there any public exploit available for CVE-2024-24919?

    As of now, there are indications that CVE-2024-24919 may have been actively exploited in attacks, highlighting the urgency for remediation.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203