The Indian Computer Emergency Response Team (CERT-In) has identified a vulnerability in gateway products of cyber security solutions provider – Checkpoint. The vulnerability, the cyber dog’s advisory says can be exploited by an attacker to gain access to vital information.
The government body has termed this vulnerability as ‘high’ severity and has advised users to take preventive measures.It says that the vulnerability exists in Checkpoint products due to the unrecommended password-only authentication method.
What does the CERT-In advisory say?
In its advisory, CERTI-In says that a “vulnerability has been reported in Checkpoint Network Security gateway products, which could allow an attacker to access certain information on internet-connected gateways configured with IPSec VPN, remote access VPN, or mobile access software blades.”
The vulnerability CVE-2024-24919 is being exploited in the wild.
“Successful exploitation of this vulnerability could allow the attacker to access certain information on internet-connected gateways configured with IPSec VPN, remote access VPN, or mobile access software blades. This, in certain scenarios, could potentially lead the attacker to move laterally and gain domain admin privileges,” it states further.
List of Checkpoint component affected
As per the advisory, component affected includes:
- Quantum Security Gateway and CloudGuard Network Security versions: R81.20, R81.10, R81, R80.40
- Quantum Maestro and Quantum Scalable Chassis versions : R81.20, R81.10, R80.40, R80.30SP, R80.20SP
- Quantum Spark Gateways versions: R81.10.x, R80.20.x, R77.20.x
What’s the solution?
The cyber security body has advised users to apply appropriate fixes and mitigation measures to prevent the exploit of CVE-2024-24919 vulnerability. Checkpoint has discovered the vulnerability and issued a fix for the same.
This post was originally published on the 3rd party site mentioned in the title of this this site