Carding Forum
Professional
- Messages
- 2,788
- Reaction score
- 1,176
- Points
- 113
Learn how to keep your data safe.
Recently, a serious vulnerability was discovered in the "CloudGuard Network Security" device from Check Point. This vulnerability was identified as CVE-2024-24919 and is characterized as a high-priority vulnerability. The problem lies in the fact that the vulnerability allows an unauthorized attacker to gain access to confidential information on gateways connected to the Internet and using remote access via VPN or mobile access.
Check Point confirmed that this bug is being actively exploited. The vulnerability allows attackers to read various data from devices, including configuration files and password hashes, which poses a significant security risk.
Details of vulnerability analysis
Security researchers from WatchTowr Labs conducted a vulnerability analysis by comparing the source and updated code (patch-diffing). During the analysis, it was revealed that the vulnerability is related to the so-called "path traversal"attacks. This allowed attackers to bypass file path checks on the server and gain access to files located outside the allowed directory.
Operating method
The researchers found that the vulnerability could be exploited by sending a specially crafted request to the server. In one of these requests, the attacker was able to get the contents of the /etc/shadow file, which stores hashes of system user passwords. This means that an attacker could read any files on the device, which makes this vulnerability particularly dangerous.
What can an attacker do?
Attackers can use the vulnerability to read confidential information on Check Point devices. Despite the fact that official reports describe the possibility of "certain information" being leaked, analyses have shown that the vulnerability allows access to critical files, such as the shadow password file, which can lead to a complete compromise of the system.
Check Point's response
Check Point has released an urgent patch to fix this vulnerability. In their notification, they also recommended that users protect vulnerable devices with additional security measures, such as the use of IPS and SSL inspections at border gateways.
Conclusion
The vulnerability CVE-2024-24919 poses a serious threat to the security of Check Point devices, and its exploitation can compromise confidential information. All administrators are advised to immediately install available updates and take additional measures to protect their systems.
Check Point has confirmed the issue and released relevant updates for its products. Users should follow the company's recommendations and install patches as soon as possible to protect their networks from potential attacks.
Source
Recently, a serious vulnerability was discovered in the "CloudGuard Network Security" device from Check Point. This vulnerability was identified as CVE-2024-24919 and is characterized as a high-priority vulnerability. The problem lies in the fact that the vulnerability allows an unauthorized attacker to gain access to confidential information on gateways connected to the Internet and using remote access via VPN or mobile access.
Check Point confirmed that this bug is being actively exploited. The vulnerability allows attackers to read various data from devices, including configuration files and password hashes, which poses a significant security risk.
Details of vulnerability analysis
Security researchers from WatchTowr Labs conducted a vulnerability analysis by comparing the source and updated code (patch-diffing). During the analysis, it was revealed that the vulnerability is related to the so-called "path traversal"attacks. This allowed attackers to bypass file path checks on the server and gain access to files located outside the allowed directory.
Operating method
The researchers found that the vulnerability could be exploited by sending a specially crafted request to the server. In one of these requests, the attacker was able to get the contents of the /etc/shadow file, which stores hashes of system user passwords. This means that an attacker could read any files on the device, which makes this vulnerability particularly dangerous.
What can an attacker do?
Attackers can use the vulnerability to read confidential information on Check Point devices. Despite the fact that official reports describe the possibility of "certain information" being leaked, analyses have shown that the vulnerability allows access to critical files, such as the shadow password file, which can lead to a complete compromise of the system.
Check Point's response
Check Point has released an urgent patch to fix this vulnerability. In their notification, they also recommended that users protect vulnerable devices with additional security measures, such as the use of IPS and SSL inspections at border gateways.
Conclusion
The vulnerability CVE-2024-24919 poses a serious threat to the security of Check Point devices, and its exploitation can compromise confidential information. All administrators are advised to immediately install available updates and take additional measures to protect their systems.
Check Point has confirmed the issue and released relevant updates for its products. Users should follow the company's recommendations and install patches as soon as possible to protect their networks from potential attacks.
Source
