Check Point VPNs exploited to breach enterprise networks

Vulnerability affects password-only protection

The vulnerability, tracked as CVE-2024-24919, apparently only affects Security Gateways configured with password-only protection that Check Point recommends against.

“The attempts we’ve seen so far focus on remote access scenarios with old local accounts with unrecommended password-only authentication,” Check Point said. “Password-only authentication cannot ensure the highest levels of security, and we strongly recommend that you do not rely on this method when logging in to network infrastructure.”

To explore these and any other potentially related attempts to exploit this vulnerability, the company said it has assembled “special teams of Incident Response, Research, Technical Services and Products professionals.”