Memory Leak Issue in Check Point SmartConsole Affecting Administrators
CVE-2024-24915

6.1MEDIUM

Key Information:

Vendor: Checkpoint
Status: Check Point Smartconsole
Vendor: CVE Published:; 29 June 2025

What is CVE-2024-24915?

A memory leak in Check Point SmartConsole enables users with Administrator permissions to exploit the failure to clear credentials from memory after use. This vulnerability allows a potential attacker to execute a memory dump of the SmartConsole process and retrieve sensitive login credentials, posing a significant security risk for organizations relying on this software for network defense.

Affected Version(s)

Check Point SmartConsole Check Point SmartConsole versions R81.10, R81.20, R82

References

https://support.checkpoint.com/results/sk/sk183545

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 29, 2025
Vulnerability Reserved
Feb 1, 2024

Checkpoint

What is CVE-2024-24915?

Affected Version(s)

References

CVSS V3.1

Timeline