Security Advisory Issued for Quantum Security Gateway Device by ACSC Due to Vulnerabilities at Check Points
Check Point, a leading cybersecurity company, has revealed the existence of a new vulnerability (CVE-2024-24919) in their Security Gateways with IPsec VPN in Remote Access VPN community and the Mobile Access software blade. This vulnerability could potentially allow unauthorised access to VPN products used by customers.
The cybersecurity firm is currently investigating attempts to exploit this vulnerability. In certain scenarios, an attacker could move laterally and gain domain admin privileges, posing a significant threat to network security.
The Australian Cyber Security Centre (ACSC) is tracking this vulnerability and has advised Australian organisations to review their networks for the use of vulnerable instances of Check Point's Security Gateway devices. The ACSC is also aware of active exploitation of vulnerable Check Points' Quantum Security Gateway devices.
Check Point has made a preventative hotfix available for CVE-2024-24919, which was initially discovered in the encryption towers of their devices in Australia. The hotfix was released on August 28, 2025, and is recommended for deployment on September 7, 2025.
The ACSC strongly recommends that affected Australian organisations patch the newly discovered vulnerability as a matter of high priority. Failure to do so could potentially provide access to sensitive information on the Security Gateway.
Check Point continues to investigate the attempts to gain unauthorised access to VPN products used by customers, and the company urges organisations to stay vigilant and apply the available hotfix as soon as possible.
Read also:
- Mural at blast site in CDMX commemorates Alicia Matías, sacrificing life for granddaughter's safety
- Microsoft's Patch Tuesday essential fixes: 12 critical vulnerabilities alongside a Remote Code Execution flaw in SharePoint
- British intelligence agency MI6 establishes a covert dark web platform named 'Silent Courier' in Istanbul for the purpose of identifying and enlisting secret agents.
- Russia intends to manufacture approximately 79,000 Shahed drones by the year 2025, according to Ukraine's intelligence.
