CheckPoint Patches VPN Auth Attack

 

The CheckPoint VPN gateway was found to be targeted by attackers. 

Specifically, when the VPN gateway was setup to accept simple password-only authentication to access the network, attackers were found to attempt in performing password guessing attacks. 

This finding was raised by CheckPoint themselves when monitoring customer's interaction, and probably, failed login attempts. These must have raised several warnings and later concerns by the software company.

Today's update from CheckPoint states "Following our security update on May 27, 2024, Check Point’s dedicated task force continues investigating attempts to gain unauthorized access to VPN products used by our customers. On May 28, 2024 we discovered a vulnerability in Security Gateways with Remote Access VPN or the Mobile Access blade enabled (CVE-2024-24919)."

CheckPoint recommend apply the hotfix with urgency. It doesn't elaborate deatails on the fix, possibly this could introduce security controls to prevent or make brute-force attacks easy to carry out.  

Ref: https://support.checkpoint.com/results/sk/sk182336