The ASD’s ACSC is aware of CVE-2024-24919 that enables access of sensitive information to an unauthorised actor.
Background / What has happened?
- The ASD's ACSC is tracking a vulnerability in Check Points’ Quantum Security Gateway devices.
- The ASD's ACSC is aware of active exploitation of vulnerable instances.
Mitigation / How do I stay secure?
- Australian organisations should review their networks for use of vulnerable instances of Check Points’ Quantum Security Gateway and implement the mitigation advice provided by the vendor.
- A hotfix for CVE-2024-24919 is available. The ACSC strongly recommends that affected Australian organisations patch this vulnerability as a matter of high priority.
Assistance / Where can I go for help?
The ASD's ACSC is monitoring the situation and is able to provide assistance and advice as required. Organisations that have been impacted or require assistance can contact us via 1300 CYBER1 (1300 292 371).