LetsDefend Monitoring Alert

Arbitrary File Read on Checkpoint Security Gateway [CVE-2024-24919]

Jun, 06, 2024, 03:12 PM

Event ID: 263

Event Time: Jun, 06, 2024, 03:12 PM

Rule Name: SOC287 - Arbitrary File Read on Checkpoint Security Gateway [CVE-2024-24919]

Alert Type: Web Attack

MITRE Technique:
T1003 - Credential Access - OS Credential Dumping,
T1190 - Initial Access - Exploit Public-Facing Application,
T1083 - Discovery - File and Directory Discovery,

Real World Example:CVE-2024-24919 is a zero-day arbitrary file read in Check Point Security Gateways.

Severity: High

Security Analyst

2024 © LetsDefend

45305 Catalina ct. Suite 150, Sterling VA 20166