CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog:
- CVE-2024-24919 Check Point Quantum Security Gateways Information Disclosure Vulnerability
- CVE-2024-1086 Linux Kernel Use-After-Free Vulnerability
The vulnerability CVE-2024-24919 is a Quantum Gateway information disclosure issue. Threat actors exploited the flaw to gain remote firewall access and breach corporate networks.
The issue impacts CloudGuard Network, Quantum Maestro, Quantum Scalable Chassis, Quantum Security Gateways, Quantum Spark Appliances. Impacted versions are R80.20.x, R80.20SP (EOL), R80.40 (EOL), R81, R81.10, R81.10.x, and R81.20.
Early this week, the security firm warned of a surge in attacks aimed at VPN solutions.
The vulnerability CVE-2024-1086 is a Linux kernel use-after-free issue that resides in the netfilter: nf_tables component that allows an attacker to achieve local privilege escalation.
According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies have to address the identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog.
Experts recommend also private organizations review the Catalog and address the vulnerabilities in their infrastructure.
CISA orders federal agencies to fix this vulnerability by June 20, 2024.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Known Exploited Vulnerabilities catalog)