Check Point VPNs exploited to breach enterprise networks

A broken link in a digital chaing / weakness / vulnerability



“Relying on these customers notifications and Check Point’s analysis, the teams found within 24 hours a few potential customers which were subject to similar attempts,” Check Point added.

The affected Check Point environments include CloudGuard Network, Quantum Maestro, Quantum Scalable Chassis, Quantum Security Gateways, and Quantum Spark Appliances.

Security Gateway Hotfix

To fix the vulnerable configuration on the affected gateway services, the company has released a “hotfix update.” The update can be accessed at the Security Gateway portal under available software updates.

“Within a few hours of this development, Check Point released an easy-to-implement solution that prevents attempts to exploit this vulnerability,” the company said in the release.

Alternatively, the hotfix is available separately as a download as part of the security advisory. Check Point has urged customers to apply the fix to prevent unauthorized remote access attempts immediately.

In addition to applying the hotfix, the company has recommended changing the password of the Security Gateway’s account in Active Directory and preventing local accounts from connecting to the VPN with password authentication.



Source link
lol

“Relying on these customers notifications and Check Point’s analysis, the teams found within 24 hours a few potential customers which were subject to similar attempts,” Check Point added. The affected Check Point environments include CloudGuard Network, Quantum Maestro, Quantum Scalable Chassis, Quantum Security Gateways, and Quantum Spark Appliances. Security Gateway Hotfix To fix the vulnerable…

Leave a Reply

Your email address will not be published. Required fields are marked *