Check Point Remote Access VPN Vulnerability - 20240530002¶
Overview¶
Check Point has alerted its users to an active campaign targeting Remote Access VPN devices. Threat actors are exploiting this vulnerability to breach enterprise networks.
What is vulnerable?¶
| CVE | Severity | CVSS |
|---|---|---|
| CVE-2024-24919 | High | 7.5 |
| Product | Version |
|---|---|
| CloudGuard Network, Quantum Maestro, Quantum Scalable Chassis, Quantum Security Gateways, Quantum Spark Appliances | R77.20 (EOL), R77.30 (EOL), R80.10 (EOL), R80.20 (EOL), R80.20.x, R80.20SP (EOL), R80.30 (EOL), R80.30SP (EOL), R80.40 (EOL), R81, R81.10, R81.10.x, R81.20 |
What has been observed?¶
There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing. Check Point have witnessed exploitation of VPN solutions.
Recommendation¶
The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of 48 hrs... (refer Patch Management):