Unexpected Process Exit in Check Point Security Management Server
CVE-2024-24911

5.3MEDIUM

Key Information:

Vendor: Checkpoint
Status: Multi-domain Security Management, Quantum Security Management
Vendor: CVE Published:; 6 February 2025

What is CVE-2024-24911?

The cpca process on the Check Point Security Management Server or Domain Management Server may exit unexpectedly under rare circumstances, resulting in a core dump file. This unexpected termination can lead to connectivity challenges for VPN and SIC, particularly if the Certificate Revocation List (CRL) is absent from the Security Gateway's CRL cache, potentially impacting network security functionality.

Affected Version(s)

Multi-Domain Security Management, Quantum Security Management Quantum Security Management R81 (EOS), R81.10, R81.20

References

https://support.checkpoint.com/results/sk/sk183101

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 6, 2025
Vulnerability Reserved
Feb 1, 2024

Checkpoint

What is CVE-2024-24911?

Affected Version(s)

References

CVSS V3.1

Timeline