Exploitation of Recent Check Point VPN Zero-Day Soars

Industry news
Post Reply
rbc
President
Posts: 291
Joined: Mon Oct 30, 2023 1:32 am
Location: Vicksburg, MS
ISC2 Member Status: Yes
Contact:

Exploitation of Recent Check Point VPN Zero-Day Soars

Post by rbc »

The exploitation of a recently disclosed zero-day vulnerability in Check Point VPN products has been ramping up fast, threat intelligence company GreyNoise reports.

The issue, tracked as CVE-2024-24919 (CVSS score of 8.6) and disclosed last week, could allow an attacker to access sensitive information on Check Point Security Gateways, or move laterally and obtain domain admin privileges.

Impacting multiple discontinued versions of Check Point’s gateways, the flaw has been exploited in the wild since at least April 7, and proof-of-concept (PoC) code targeting it was released over the weekend.
[...]
Exploitation of Recent Check Point VPN Zero-Day Soars
Robert B. Carleton + ISC2 Central Mississippi President
Post Reply