CVE-2024-24919

HIGH 8.6

⚠️ CISA KEV

Information disclosure

CVSS Score

8.6

EPSS Score

0.0%

EPSS Percentile

0th

Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available.

CWE	CWE-200
Vendor	checkpoint
Product	check point quantum gateway, spark gateway and cloudguard network
Published	May 28, 2024
Last Updated	Oct 21, 2025

⚠️ Actively Exploited — Act Now

Get instant alerts for checkpoint check point quantum gateway, spark gateway and cloudguard network

This vulnerability is actively exploited in the wild. Set up free real-time alerts so you're first to know about threats like CVE-2024-24919.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

None

Availability

None

Affected Versions

checkpoint / Check Point Quantum Gateway, Spark Gateway and CloudGuard Network

Check Point Quantum Gateway and CloudGuard Network versions R81.20, R81.10, R81, R80.40 and Check Point Spark versions R81.10, R80.20.

References

NVD ↗ CVE.org ↗ EPSS Data ↗

support.checkpoint.com: https://support.checkpoint.com/results/sk/sk182336 mnemonic.io: https://www.mnemonic.io/resources/blog/advisory-check-point-remote-access-vpn-vulnerability-cve-2024-24919/ cisa.gov: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-24919