Check Point Warns of Zero-Day Attacks on its VPN Gateway Products

Examine Stage is warning of a zero-day vulnerability in its Network Security gateway items that risk actors have exploited in the wild.

Tracked as CVE-2024-24919, the issue impacts CloudGuard Network, Quantum Maestro, Quantum Scalable Chassis, Quantum Security Gateways, and Quantum Spark appliances.

“The vulnerability possibly allows an attacker to read certain data on Internet-linked Gateways with distant entry VPN or cell accessibility enabled,” Check out Point reported.

✔ Approved From Our Partners

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code

Hotfixes are obtainable in the following variations –

• Quantum Security Gateway and CloudGuard Network Security Versions – R81.20, R81.10, R81, R80.40
• Quantum Maestro and Quantum Scalable Chassis – R81.20, R81.10, R80.40, R80.30SP, R80.20SP
• Quantum Spark Gateways Model – R81.10.x, R80.20.x, R77.20.x

The growth comes times after the Israeli cybersecurity corporation warned of attacks targeting its VPN equipment to infiltrate business networks.

“By May possibly 24, 2024, we identified a modest range of login makes an attempt making use of outdated VPN local-accounts relying on unrecommended password-only authentication approach,” it noted previously this week.

This has now been traced again to a new large-severity zero-working day found in Security Gateways with IPSec VPN, Distant Obtain VPN and the Cell Obtain software package blade.

Look at Level did not elaborate on the mother nature of the attacks, but observed in an FAQ that the exploitation attempts observed so far aim on “distant entry on outdated area accounts with unrecommended password-only authentication” versus a “modest amount of consumers.”

The focusing on of VPN units represents just the most up-to-date series of attacks to goal network perimeter programs, with comparable attacks impacting devices from Barracuda Networks, Cisco, Fortinet, Ivanti, Palo Alto Networks, and VMware in modern a long time.

“Attackers are motivated to acquire entry to businesses over distant-accessibility setups so they can check out to find pertinent enterprise assets and customers, searching for for vulnerabilities in purchase to gain persistence on critical enterprise belongings,” Check Point explained.

Identified this posting exciting? Abide by us on Twitter  and LinkedIn to browse additional unique written content we post.