Free practical cybersecurity guidance for organisations without a security team.
hello@actionsoncyber.com
← Back to Vulnerability Briefs

Critical Security Flaw in Check Point VPN Could Expose Your Network

A serious security weakness has been found in Check Point Security Gateways used for VPN and remote access. This flaw could let attackers access sensitive information if your system is connected to the internet with certain remote access features enabled. A fix is available and should be applied promptly.

09 June 2026

Reference: CVE-2024-24919

1. What is being reported?

The vulnerability affects Check Point Security Gateways that use remote Access VPN or Mobile Access Software Blades. Attackers who connect to these gateways over the internet may be able to read confidential information due to this flaw. This issue is actively being exploited, making it urgent to address.

2. What this means in plain English

If your organisation uses Check Point VPN or remote access solutions, this vulnerability could allow hackers to access sensitive data, potentially leading to data breaches or other security incidents. Small businesses relying on these technologies for remote work or secure connections are at risk if they do not update their systems.

3. Could this affect a small business?

Small businesses using Check Point Security Gateways with remote VPN or mobile access enabled could be affected. Organisations not using these specific Check Point products or not enabling remote access features are unlikely to be impacted.

4. What to do now

  • Check if your organisation uses Check Point Security Gateways with remote Access VPN or Mobile Access Software Blades enabled.
  • Contact your IT provider or software supplier to confirm if your systems are vulnerable.
  • Apply the security update or patch provided by Check Point as soon as possible.
  • Review your remote access settings and monitor for any unusual activity.

5. Ask your IT provider

Can you confirm whether our Check Point Security Gateway devices are affected by CVE-2024-24919 and have the latest security updates been applied?

6. Bottom line

If you use Check Point VPN for remote access, update your systems now to prevent attackers from accessing sensitive information.

Information based on CISA KEV, NVD, and reputable security reporting.

Back to Vulnerability Briefs