Unrated severityCISA KEVNVD Advisory· Published May 28, 2024· Updated Oct 21, 2025
Information disclosure
CVE-2024-24919
Description
Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available.
Affected products
2- checkpoint/Check Point Quantum Gateway, Spark Gateway and CloudGuard Networkv5Range: Check Point Quantum Gateway and CloudGuard Network versions R81.20, R81.10, R81, R80.40 and Check Point Spark versions R81.10, R80.20.
Patches
Vulnerability mechanics
References
1News mentions
2- CISA gives feds 3 days to patch Check Point VPN bug exploited as zero-dayBleepingComputer · Jun 9, 2026
- Critical Check Point VPN Zero-Day Exploited in the Wild (CVE-2026-50751)Rapid7 Blog · Jun 8, 2026