Loading…

Cookies and privacy

We use strictly necessary cookies to run the site. With your permission we also load Vercel Web Analytics and Speed Insights to measure traffic and performance in aggregate. See our Cookie Policy and Privacy Policy.

CVE-2024-24919: Check Point Quantum Security Gateways Information Disclosure Vulnerability · Scorifya

CVE detail

CVE-2024-24919: Check Point Quantum Security Gateways Information Disclosure Vulnerability

Source: CISA Known Exploited Vulnerabilities catalog · back to feed

Vendor / product

Check Point · Quantum Security Gateways

Date added (KEV): May 30, 2024
CISA due date: Jun 20, 2024
Ransomware campaign use: Known

Required action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Vendor fix: Vendor patch

Scorifya interpretation

AI-generated

A short, structured read of the record above — generated when this page first loads, then cached for a week.

Plain English

Technical detail

From CISA

Check Point Quantum Security Gateways contain an unspecified information disclosure vulnerability. The vulnerability potentially allows an attacker to access information on Gateways connected to the internet, with IPSec VPN, Remote Access VPN or Mobile Access enabled. This issue affects several product lines from Check Point, including CloudGuard Network, Quantum Scalable Chassis, Quantum Security Gateways, and Quantum Spark Appliances.

https://support.checkpoint.com/results/sk/sk182336 ; https://nvd.nist.gov/vuln/detail/CVE-2024-24919

See what attackers can see on your domain

This vulnerability is on CISA's Known Exploited Vulnerabilities list, so it is being exploited in the wild right now, including in ransomware campaigns. Scorifya can't test for Check Point directly, but in about 30 seconds it shows what your own domain exposes publicly across TLS, security headers, DNS, and cookies: the surface attackers probe first.

Run a free scan Methodology

References

https://support.checkpoint.com/results/sk/sk182336MitigationPatchVendor Advisory
https://support.checkpoint.com/results/sk/sk182336MitigationPatchVendor Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-24919US Government Resource
https://www.mnemonic.io/resources/blog/advisory-check-point-remote-access-vpn-vulnerability-cve-2024-24919/Third Party Advisory

Other recent CVEs from Check Point

CVE-2026-50751Security Gateway — Check Point Security Gateway Improper Authentication Vulnerability