CVE-2024-24919
critical-risk
Published 2024-05-28
Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available.
Do I need to act?
!
94.3% chance of exploitation in next 30 days
EPSS score — higher than 6% of all CVEs
!
CISA KEV: actively exploited in the wild
On the Known Exploited Vulnerabilities catalog — federal agencies must patch
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.6/10
High
NETWORK
/ LOW complexity
Affected Products (12)
Affected Vendors
References (4)
US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-...
Third Party Advisory
https://www.mnemonic.io/resources/blog/advisory-check-point-remote-access-vpn-vu...
73
/ 100
critical-risk
Severity
29/34 · Critical
Exploitability
27/34 · High
Exposure
17/34 · Moderate