CVE-2024-24919

HIGH

Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available.

CVSS v3.1 Score

8.6
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Attack Vector
NETWORK
Complexity
LOW
Privileges
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE
Published: 5/28/2024Modified: 10/24/2025

Related Intelligence (1)

CRITICALRansomware

Critical Check Point VPN Zero-Day Exploited in the Wild (CVE-2026-50751)

Overview On June 8, 2026, Check Point published a security advisory for CVE-2026-50751 , a critical authentication bypass vulnerability affecting Check Point Remote Access VPN, Mobile Access, and Spark Firewall products. The vulnerability affects deployments configured to use the deprecated IKEv1 key exchange protocol where gateways accept legacy Remote Access clients and do not require a machine

CVE-2026-50751CVE-2026-50752
Rapid7

References (4)

https://support.checkpoint.com/results/sk/sk182336MitigationPatchhttps://support.checkpoint.com/results/sk/sk182336MitigationPatchhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-24919US Government Resourcehttps://www.mnemonic.io/resources/blog/advisory-check-point-remote-access-vpn-vulnerability-cve-2024-24919/Third Party Advisory