top of page
  • Writer's pictureAnup Ghosh

Exploits of Check Point Zero Day Surge


The Download

Continuing a trend we have been tracking this year, exploits of a Check Point VPN zero-day have been surging since early June according to threat intelligence firm GreyNoise. The vulnerability Is tracked as CVE-2024-24919 and has CVSS severity 8.6. GreyNoise's system has logged more than 10,000 attempts to exploit the vulnerability since the 1st of June. Security firm Censys reports an Internet scan uncovered over 14,000 instances of CheckPoint's VPN, though the percentage vulnerable was not included in their scan.


Affected Check Point products include CloudGuard Network, Quantum Maestro, Quantum Scalable Chassis, Quantum Security Gateways, and Quantum Spark appliances.


What You Can Do

The reason why this vulnerability is being treated with some urgency is it is on your external attack surface. This means any attacker on the Internet can possibly discover the vulnerability and exploit it. The exploit has already been weaponized, which means Internet scans can then be turned into packaged exploits. We suggest using ThreatMate's automated pen testing as a service (PTaaS) for your firewall, VPNs and Web services.




To Learn More:

20 views

Comments


bottom of page