Zero-day vulnerability in Check Point VPN is ‘extremely easy’ to exploit

Cybersecurity firm Check Point says attackers are exploiting a zero-day vulnerability in its enterprise VPN product to break into its customers’ corporate networks.

The technology maker has not yet revealed who was responsible for the cyberattack or how many customers were affected by intrusions related to the vulnerability, which security researchers have described as “extremely easy” to exploit.

Check Point said in a blog post this week that a vulnerability in its Quantum network security appliances could allow a remote attacker to obtain sensitive credentials from an affected device, allowing the attacker to access the victim’s wider network. Check Point said attackers began exploiting the vulnerability around April 30. A zero-day vulnerability is one that a vendor does not have time to fix before it is exploited.

The company urged customers to install a patch to fix the vulnerability.

According to Check Point’s website, the company has more than 100,000 customers. A Check Point spokesperson did not respond to a request for comment on how many customers were affected by the breach.

Check Point is the latest security company in recent months to disclose security flaws in its own security products, which are designed to protect companies from cyberattacks and digital intrusions.

These network security devices sit at the edge of a company’s network, acting as digital gatekeepers that decide which users are allowed in, but they often contain security holes that in some cases make it easy to bypass their security defenses, leading to compromise of customer networks.

In recent months, several companies and security vendors, including Ivanti, ConnectWise and Palo Alto Networks, have patched vulnerabilities in their enterprise security products that malicious attackers could use to break into customer networks and steal data. All of the vulnerabilities were classified as high-severity, largely because they were so easy to exploit.

As for the Check Point vulnerability, security research firm watchTowr Labs said in its analysis that the bug is “extremely easy” to exploit once found.

The vulnerability, described by watchTowr Labs as a path traversal vulnerability, means an attacker could remotely trick an affected Check Point device into returning files that are supposed to be protected and off-limits, such as passwords for root-level access to the device’s operating system.

“This is much more powerful than the vendor recommendations would suggest,” said Aliz Hammond, a researcher at watchTowr Labs.

The U.S. cybersecurity agency CISA said it had added the Check Point vulnerability to its public catalog of known exploited vulnerabilities. The government cyber agency said in a brief comment that the vulnerability is frequently exploited by malicious cyber actors and that such vulnerabilities “pose a significant risk to federal enterprises.”
