From blog.qualys.com
Check Point Security Gateway is a secure web gateway that is an on-premises or cloud-delivered network security service. Check Point enforces network security policies, including firewall, VPN, and intrusion prevention capabilities.
Check Point published a zero-day advisory on May 28, 2024, regarding CVE-2024-24919 with a CVSS score of 8.6. As per the advisory, the vulnerability results in attackers accessing sensitive information and gaining domain privileges.
The vulnerability impacts various products from Check Point like CloudGuard Network, Quantum Maestro, Quantum Scalable Chassis, Quantum Security Gateways, and Quantum Spark appliances. The vulnerability has been added to CISA’s Known Exploited Vulnerabilities catalog.
Check Point said, “The vulnerability potentially allows an attacker to read certain information on Internet-connected Gateways with remote access VPN or mobile access enabled…”