May 29, 2024 at 11:40AM
Check Point warns of zero-day vulnerability in Network Security gateway products, exploited by threat actors. Tracked as CVE-2024-24919, it affects various products. Attackers could read certain information on Internet-connected Gateways with remote access VPN or mobile access enabled. Hotfixes are available for impacted versions. Recent attacks targeted VPN devices to infiltrate enterprise networks.
Key Takeaways from the Meeting Notes:
1. Check Point has issued a warning about a zero-day vulnerability (CVE-2024-24919) in several of its Network Security gateway products, which has been actively exploited by threat actors.
2. The vulnerability can potentially allow attackers to access certain information on Internet-connected Gateways with remote access VPN or mobile access enabled.
3. Hotfixes are available for affected versions of Check Point’s products to address the vulnerability.
4. Recent attacks have targeted Check Point’s VPN devices, utilizing old VPN local-accounts with unrecommended password-only authentication methods.
5. Similar attacks have targeted network perimeter applications from other companies in recent years, including Barracuda Networks, Cisco, Fortinet, Ivanti, Palo Alto Networks, and VMware.
These key takeaways highlight the urgency of addressing the zero-day vulnerability and the significance of securing VPN devices, as well as the broader trend of attacks targeting network perimeter applications in the cybersecurity landscape.