Arbitrary Code Execution Vulnerability in Installer by Check Point
CVE-2024-24916

6.5MEDIUM

Key Information:

Vendor: Checkpoint
Status: Check Point Smartconsole
Vendor: CVE Published:; 19 June 2025

What is CVE-2024-24916?

A flaw exists in the Check Point Installer where untrusted DLL files located in the installer's directory can be loaded and executed. This vulnerability could allow attackers to execute arbitrary code with the privileges of the installer, potentially compromising system integrity or data security.

Affected Version(s)

Check Point SmartConsole Check Point SmartConsole versions R81.10, R81.20

References

https://support.checkpoint.com/results/sk/sk183342

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 19, 2025
Vulnerability Reserved
Feb 1, 2024

Checkpoint

What is CVE-2024-24916?

Affected Version(s)

References

CVSS V3.1

Timeline