Advertisements
The U.S. CISA added the following vulnerabilities to its Known Exploited Vulnerabilities catalog
- CVE-2024-24919 Check Point Quantum Security Gateways Information Disclosure Vulnerability
- CVE-2024-1086 Linux Kernel Use-After-Free Vulnerability
Advertisements
The vulnerability CVE-2024-24919 is a Quantum Gateway information disclosure issue. Threat actors exploited the flaw to gain remote firewall access and breach corporate networks.
The vulnerability CVE-2024-1086 is a Linux kernel use-after-free issue that resides in the netfilter: nf_tables component that allows an attacker to achieve local privilege escalation.
CISA orders federal agencies to fix this vulnerability by June 20, 2024.
