Exploitation of Recent Check Point VPN Zero-Day Soars

June 6, 2024 at 09:40AM
A zero-day vulnerability in Check Point VPN products, CVE-2024-24919, has been exploited at an alarming rate since disclosure. GreyNoise reports that exploitation allows access to sensitive data, lateral movement, and domain privileges. Over 10,000 exploitation attempts have been logged, with 781 unique IP addresses. Users are advised to apply available mitigations immediately. Key takeaways …

CISA warns of actively exploited Linux privilege elevation flaw

May 31, 2024 at 03:35PM
CISA added two vulnerabilities to its KEV catalog: a Linux kernel privilege escalation flaw (CVE-2024-1086) and an information disclosure flaw in VPN devices (CVE-2024-24919). The former allows local attackers to gain root-level access, and a public exploit is available. CISA has set a patching deadline for federal agencies and suggested …

Check Point VPN Attacks Involve Zero-Day Exploited Since April

May 30, 2024 at 05:48AM
Threat actors targeted Check Point VPNs by exploiting a zero-day vulnerability, gaining access to enterprise networks through old VPN local accounts. The vulnerability, tracked as CVE-2024-24919, affects certain Check Point Security Gateways and allows hackers to extract password hashes. Mnemonic reported attacks using CVE-2024-24919 in customer environments since April …