CVE-2024-24910
Last modified
CVE-2024-24910 is a high-severity vulnerability rated 7.3/10 on the CVSS scale. A local attacker can erscalate privileges on affected Check Point ZoneAlarm ExtremeSecurity NextGen, Identity Agent for Windows, and Identity Agent for Windows Terminal Server. To exploit this vulnerability, an attacker must first obtain the ability to execute local privileged code on the target system.. EPSS estimates a 0.15% chance of exploitation in the next 30 days.
Description
A local attacker can erscalate privileges on affected Check Point ZoneAlarm ExtremeSecurity NextGen, Identity Agent for Windows, and Identity Agent for Windows Terminal Server. To exploit this vulnerability, an attacker must first obtain the ability to execute local privileged code on the target system.
Metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Checkpoint | Identity Agent | <= r81.070.0000 |
| Checkpoint | Zonealarm Extreme Security Nextgen | < 4.2.712 |
References
- https://support.checkpoint.com/results/sk/sk182219Vendor Advisory
- https://support.checkpoint.com/results/sk/sk182219Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2024-24910?
How severe is CVE-2024-24910?
How do I fix CVE-2024-24910?
Are you affected by CVE-2024-24910?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST