The Australian Cyber Security Centre (ACSC) says it is tracking a vulnerability in Check Points’ Quantum Security Gateway devices and is aware of active exploitation of vulnerable instances.
Check Point has made available a preventative hotfix for CVE-2024-24919 and says its task force continues investigating attempts to gain unauthorised access to VPN products used by customers.
“On May 28, 2024, we discovered a vulnerability in Security Gateways with IPsec VPN in Remote Access VPN community and the Mobile Access software blade (CVE-2024-24919),” the Check Point advisory reads. “Exploiting this vulnerability can result in accessing sensitive information on the Security Gateway. This, in certain scenarios, can potentially lead the attacker to move laterally and gain domain admin privileges.”
The ACSC says Australian organisations should review their networks for use of vulnerable instances and implement the mitigation advice. “The ACSC strongly recommends that affected Australian organisations patch this vulnerability as a matter of high priority,” adds the agency.
