CVE-2024-24911

Medium

Published: 06 February 2025

Published

06 February 2025

Modified

15 October 2025

KEV Added

—

Patch

—

CVSS Score 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

EPSS Score 0.0028 51.0th percentile

Risk Priority 11 60% EPSS · 20% KEV · 20% CVSS

Description

In rare scenarios, the cpca process on the Security Management Server / Domain Management Server may exit unexpectedly, creating a core dump file. When the cpca process is down, VPN and SIC connectivity issues may occur if the CRL is not present in the Security Gateway's CRL cache.

Security Summary

CVE-2024-24911 is a vulnerability affecting the cpca process on Check Point Security Management Server and Domain Management Server. In rare scenarios, the process may exit unexpectedly, generating a core dump file. This issue is classified under CWE-125 (Out-of-bounds Read) and carries a CVSS v3.1 base score of 5.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L), indicating medium severity primarily due to low-impact availability disruption.

An unauthenticated attacker with network access can exploit this vulnerability remotely with low complexity and no user interaction required. Successful exploitation causes the cpca process to crash, leading to potential denial-of-service effects: when cpca is down, VPN and SIC connectivity may fail on Security Gateways if the Certificate Revocation List (CRL) is absent from the gateway's CRL cache.

Check Point's advisory (SK183101) provides details on mitigation; security practitioners should consult https://support.checkpoint.com/results/sk/sk183101 for patches, workarounds, and affected versions.

Details

CWE(s): CWE-125

Affected Products

checkpoint

gaia os

r81, r81.10, r81.20, r82

References

https://support.checkpoint.com/results/sk/sk183101
Vendor Advisory · cve@checkpoint.com