PT-2025-17987 · Check Point · Check Point Mobile Access

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: An authenticated end-user can set a specially crafted SNX bookmark, which can cause their browser to run a script when accessing their own bookmark list. Recommendations: At the moment, ther...

Hacker Claims Breach of Check Point Cybersecurity Firm, Sells Access

Hacker claims breach of Israeli cybersecurity firm Check Point, offering network access and sensitive data for sale; company denies any recent incident...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Checkpoint Quantum_Spark_Firmware

CVE-2024-24919---Exploit-Script Deskripsi CVE-2024-24919 adal...

China-Linked Attackers Exploit Check Point Flaw to Deploy ShadowPad and Ransomware

A previously unknown threat activity cluster targeted European organizations, particularly those in the healthcare sector, to deploy PlugX and its successor, ShadowPad, with the intrusions ultimately leading to deployment of a ransomware called NailaoLocker in some cases. The campaign, codenamed...

CVE-2024-24911 Out of Bounds read in the CPCA process on Check Point Management Server

In rare scenarios, the cpca process on the Security Management Server / Domain Management Server may exit unexpectedly, creating a core dump file. When the cpca process is down, VPN and SIC connectivity issues may occur if the CRL is not present in the Security Gateway's CRL cache...

CVE-2024-24911

CVE-2024-24911 affects the Check Point Management Server / Domain Management Server cpca process. An Out-of-Bounds read can occur when handling certain HTTP POSTs to TCP port 18264, potentially causing the cpca process to exit and produce a core dump. When cpca is down, VPN and SIC connectivity m...

Check Point Multi-Domain Security Management 安全漏洞

Check Point Multi-Domain Security Management is a centralized management solution from Check Point Israel for large-scale distributed environments with many discrete network segments. A security vulnerability exists in Check Point Multi-Domain Security Management, which stems from the possibility...

CVE-2024-24919

Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available...

Banshee Stealer Hits macOS Users via Fake GitHub Repositories

SUMMARY Cybersecurity researchers at Check Point detected a new version of Banshee Stealer in late September 2024, distributed…...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Checkpoint Quantum_Spark_Firmware

Check-Pointpoc Check-Point安全网关任意文件读取漏洞CVE-2024-24919 pytho...

Check Point Response to CVE-2024-0105 and CVE-2024-0106 - NVIDIA Firmware Vulnerabilities

Cause NVIDIA ConnectX Firmware contains a vulnerability where an attacker may cause an improper handling of insufficient privileges issue. Symptoms - These Check Point Line Cards and appliances contain network interfaces with potentially vulnerable NVIDIA firmware versions see CVE-2024-0105 and...

CVE-2024-6233

Check Point ZoneAlarm Extreme Security Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Check Point ZoneAlarm Extreme Security. An attacker must first obtain the ability to execute low-privileged...

CVE-2024-6233 Check Point ZoneAlarm Extreme Security Link Following Local Privilege Escalation Vulnerability

Check Point ZoneAlarm Extreme Security Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Check Point ZoneAlarm Extreme Security. An attacker must first obtain the ability to execute low-privileged...

CVE-2024-6233 Check Point ZoneAlarm Extreme Security Link Following Local Privilege Escalation Vulnerability

Check Point ZoneAlarm Extreme Security Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Check Point ZoneAlarm Extreme Security. An attacker must first obtain the ability to execute low-privileged...

CVE-2024-6233

CVE-2024-6233 affects Check Point ZoneAlarm Extreme Security, with the vulnerability located in the Forensic Recorder service. By creating a symbolic link, an attacker who already has low-privilege code execution can abuse the service to overwrite arbitrary files, enabling privilege escalation to...

Check Point ZoneAlarm Extreme Security 安全漏洞

Check Point ZoneAlarm Extreme Security is a security antivirus from Check Point, Israel. A security vulnerability exists in Check Point ZoneAlarm Extreme Security that stems from improper handling of symbolic links in the Forensic Recorder service, which could allow a local attacker to overwrite...

Check Point Gaia Portal 安全漏洞

Check Point Gaia Portal is a web-based advanced interface for Gaia platform configuration from Check Point Israel. A security vulnerability exists in Check Point Gaia Portal that originates from an authenticated user being able to inject code or commands using global variables via a special HTTP...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Checkpoint Quantum_Spark_Firmware

CVE-2024-24919POC It's Proof of Concept on CVE-2024-24919-POC...

SEC Charges 4 Companies Over Misleading SolarWinds Cyber Attack Disclosures

The U.S. Securities and Exchange Commission SEC has charged four current and former public companies for making "materially misleading disclosures" related to the large-scale cyber attack that stemmed from the hack of SolarWinds in 2020. The SEC said the companies – Avaya, Check Point, Mimecast,...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Checkpoint Quantum_Spark_Firmware

EN Is a Proof of Concept PoC script to check for vulnerabil...