Check Point Gateway Path Traversal (CVE-2024-24919)
Description
CVE-2024-24919 is a critical path traversal vulnerability affecting multiple Check Point Gateway products. This flaw allows remote, unauthenticated attackers to bypass access controls and read arbitrary files from the affected system by manipulating file path parameters. The vulnerability exists due to insufficient input validation when processing file path requests, enabling attackers to traverse outside intended directories using specially crafted requests.
Remediation
1. Immediately apply the preventative hotfix provided by Check Point (reference SK182336) for your specific product version and operating system.
2. Review the Check Point security advisory at https://support.checkpoint.com/results/sk/sk182336 to identify if your deployment is affected.
3. Upgrade to the latest patched version of Check Point Gateway software as soon as possible following the hotfix application.
4. Monitor system logs for suspicious file access patterns or path traversal attempts (look for requests containing '../' or encoded equivalents).
5. Conduct a security assessment to determine if unauthorized file access occurred prior to patching.
6. If immediate patching is not possible, implement network-level access controls to restrict access to the management interface from trusted IP addresses only.