Test Level Warns of Zero-Day Assaults on its VPN Gateway Merchandise

Might 29, 2024NewsroomEnterprise Safety / Vulnerability

Test Level is warning of a zero-day vulnerability in its Community Safety gateway merchandise that risk actors have exploited within the wild.

Tracked as CVE-2024-24919, the difficulty impacts CloudGuard Community, Quantum Maestro, Quantum Scalable Chassis, Quantum Safety Gateways, and Quantum Spark home equipment.

“The vulnerability potentially allows an attacker to read certain information on Internet-connected Gateways with remote access VPN or mobile access enabled,” Test Level mentioned.

Hotfixes can be found within the following variations –

• Quantum Safety Gateway and CloudGuard Community Safety Variations – R81.20, R81.10, R81, R80.40
• Quantum Maestro and Quantum Scalable Chassis – R81.20, R81.10, R80.40, R80.30SP, R80.20SP
• Quantum Spark Gateways Model – R81.10.x, R80.20.x, R77.20.x

The event comes days after the Israeli cybersecurity firm warned of assaults focusing on its VPN units to infiltrate enterprise networks.

“By May 24, 2024, we identified a small number of login attempts using old VPN local-accounts relying on unrecommended password-only authentication method,” it famous earlier this week.

This has now been traced again to a brand new high-severity zero-day found in Safety Gateways with IPSec VPN, Distant Entry VPN and the Cellular Entry software program blade.

Test Level didn’t elaborate on the character of the assaults, however famous in an FAQ that the exploitation makes an attempt noticed to this point concentrate on “remote access on old local accounts with unrecommended password-only authentication” in opposition to a “small number of customers.”

The focusing on of VPN units represents simply the most recent sequence of assaults to focus on community perimeter functions, with comparable assaults impacting units from Barracuda Networks, Cisco, Fortinet, Ivanti, Palo Alto Networks, and VMware in recent times.

“Attackers are motivated to gain access to organizations over remote-access setups so they can try to discover relevant enterprise assets and users, seeking for vulnerabilities in order to gain persistence on key enterprise assets,” Test Level mentioned.