汇总 Check Point 相关全部产品的 CVE 与安全漏洞情报,包括 CVSS、EPSS、公开时间与漏洞情报数据。
已披露问题常与 跨站脚本、缓冲区溢出与输入验证问题 相关,可能在 生产负载与软件部署 场景中带来 应用崩溃与内存损坏 等暴露风险。
相关漏洞数据主要来源于公开漏洞披露与安全公告,可用于评估历史漏洞暴露面与修复优先级。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2026-50751 KEV | A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password. | [email protected] | 9.3 | 11.84% | 2026-06-08 | 2026-06-09 |
| CVE-2025-3831 | Log files uploaded during troubleshooting by the Harmony SASE agent may have been accessible to unauthorized parties. | [email protected] | 8.1 | 0.28% | 2025-08-12 | 2025-09-03 |
| CVE-2025-2028 | Lack of TLS validation when downloading a CSV file including mapping from IPs to countries used ONLY for displaying country flags in logs | [email protected] | 6.5 | 0.18% | 2025-08-06 | 2025-08-27 |
| CVE-2024-52885 | The Mobile Access Portal's File Share application is vulnerable to a directory traversal attack, allowing an authenticated, malicious end-user (authorized to at least one File Share application) to list the file names of 'nobody'-accessible directories on the Mobile Access gateway. | [email protected] | 5.0 | 0.25% | 2025-08-06 | 2025-08-27 |
| CVE-2024-24915 | Credentials are not cleared from memory after being used. A user with Administrator permissions can execute memory dump for SmartConsole process and fetch them. | [email protected] | 6.1 | 0.14% | 2025-06-29 | 2025-09-03 |
| CVE-2024-24916 | Untrusted DLLs in the installer's directory may be loaded and executed, leading to potentially arbitrary code execution with the installer's privileges (admin). | [email protected] | 6.5 | 0.11% | 2025-06-19 | 2025-09-04 |
| CVE-2024-52888 | For an authenticated end-user the portal may run a script while attempting to display a directory or some file's properties. | [email protected] | 5.4 | 0.25% | 2025-04-27 | 2025-09-02 |
| CVE-2024-52887 | Authenticated end-user may set a specially crafted SNX bookmark that can make their browser run a script while accessing their own bookmark list. | [email protected] | 3.5 | 0.25% | 2025-04-27 | 2025-09-02 |
| CVE-2024-24911 | In rare scenarios, the cpca process on the Security Management Server / Domain Management Server may exit unexpectedly, creating a core dump file. When the cpca process is down, VPN and SIC connectivity issues may occur if the CRL is not present in the Security Gateway's CRL cache. | [email protected] | 5.3 | 0.28% | 2025-02-06 | 2025-10-15 |
| CVE-2024-6233 | Check Point ZoneAlarm Extreme Security Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Check Point ZoneAlarm Extreme Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Forensic Recorder service. By creating a symbolic link, an attacker can abuse the service to overwr | [email protected] | 7.8 | 0.05% | 2024-11-22 | 2026-01-15 |
| CVE-2024-24914 | Authenticated Gaia users can inject code or commands by global variables through special HTTP requests. A Security fix that mitigates this vulnerability is available. | [email protected] | 8.0 | 0.23% | 2024-11-07 | 2025-08-26 |
| CVE-2024-24919 KEV | Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available. | [email protected] | 8.6 | 94.34% | 2024-05-28 | 2025-10-24 |
| CVE-2024-24912 | A local privilege escalation vulnerability has been identified in Harmony Endpoint Security Client for Windows versions E88.10 and below. To exploit this vulnerability, an attacker must first obtain the ability to execute local privileged code on the target system. | [email protected] | 6.7 | 0.05% | 2024-05-01 | 2025-08-26 |
| CVE-2024-24910 | A local attacker can erscalate privileges on affected Check Point ZoneAlarm ExtremeSecurity NextGen, Identity Agent for Windows, and Identity Agent for Windows Terminal Server. To exploit this vulnerability, an attacker must first obtain the ability to execute local privileged code on the target system. | [email protected] | 7.3 | 0.08% | 2024-04-18 | 2026-01-15 |
| CVE-2023-28134 | Local attacker can escalate privileges on affected installations of Check Point Harmony Endpoint/ZoneAlarm Extreme Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | [email protected] | 7.8 | 0.04% | 2023-11-12 | 2024-11-21 |
| CVE-2023-28130 | Local user may lead to privilege escalation using Gaia Portal hostnames page. | [email protected] | 7.2 | 4.17% | 2023-07-26 | 2024-11-21 |
| CVE-2023-28133 | Local privilege escalation in Check Point Endpoint Security Client (version E87.30) via crafted OpenSSL configuration file | [email protected] | 7.8 | 1.47% | 2023-07-23 | 2024-11-21 |
| CVE-2022-23746 | The IPsec VPN blade has a dedicated portal for downloading and connecting through SSL Network Extender (SNX). If the portal is configured for username/password authentication, it is vulnerable to a brute-force attack on usernames and passwords. | [email protected] | 7.5 | 0.27% | 2022-11-30 | 2025-04-25 |
| CVE-2022-41604 | Check Point ZoneAlarm Extreme Security before 15.8.211.19229 allows local users to escalate privileges. This occurs because of weak permissions for the %PROGRAMDATA%\CheckPoint\ZoneAlarm\Data\Updates directory, and a self-protection driver bypass that allows creation of a junction directory. This can be leveraged to perform an arbitrary file move as NT AUTHORITY\SYSTEM. | [email protected] | 8.8 | 0.04% | 2022-09-27 | 2025-05-22 |
| CVE-2022-23745 | A potential memory corruption issue was found in Capsule Workspace Android app (running on GrapheneOS). This could result in application crashing but could not be used to gather any sensitive information. | [email protected] | 7.5 | 0.53% | 2022-07-18 | 2024-11-21 |