CVE-2024-24910

Name of the Vulnerable Software and Affected Versions Check Point ZoneAlarm Extreme Security NextGen (affected versions not specified) Check Point Identity Agent for Windows (affected versions not specified) Check Point Identity Agent for Windows Terminal Server (affected versions not specified)

Description The issue is related to the incorrect assignment of permissions for a critical resource. This can allow an attacker to escalate their privileges using a specially crafted DLL library. A local attacker must first obtain the ability to execute local privileged code on the target system to exploit this issue.

Recommendations For Check Point ZoneAlarm Extreme Security NextGen, consider disabling any functionality that relies on the vulnerable resource until a patch is available. For Check Point Identity Agent for Windows, restrict access to critical system resources to minimize the risk of exploitation. For Check Point Identity Agent for Windows Terminal Server, avoid using any libraries or modules that may be affected by the incorrect permission assignment until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.