Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

checkpoint — Vulnerabilities & Security Advisories 16

Browse all 16 CVE security advisories affecting checkpoint. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Checkpoint develops network security solutions including firewalls and threat prevention systems. Historically, Checkpoint products have been vulnerable to remote code execution, cross-site scripting, privilege escalation, and authentication bypass flaws. The vendor maintains 16 CVE records, with some vulnerabilities allowing unauthenticated attackers to execute arbitrary code or bypass security controls. While no major public security incidents have been widely reported, Checkpoint's complex architectures have occasionally introduced misconfiguration risks. The company regularly addresses security issues through patches, though some historical vulnerabilities remained exploitable for extended periods before fixes were deployed.

Top products by checkpoint: Check Point Mobile Access Check Point SmartConsole Harmony Endpoint. ZoneAlarmExtremeSecurityNextGen,IdentityAgentforWindows,IdentityAgentforWindowsTerminalServer Harmony Endpoint Security Client for Windows Check Point Quantum Gateway, Spark Gateway and CloudGuard Network ClusterXL, Multi-Domain Security Management, Quantum Appliances, Quantum Maestro, Quantum Scalable Chassis, Quantum Security Gateways, Quantum Security Management Multi-Domain Security Management, Quantum Security Management Check Point Management Log Server Check Point Harmony SASE Identity Agent Identity Awareness Hramony SASE
CVE IDTitleCVSSSeverityPublished
CVE-2025-9142 Local privilege escalation in Harmony SASE Windows Agent — Hramony SASECWE-22 7.5 High2026-01-14
CVE-2025-8305 Information Disclosure in Identity Agent Debug Files — Identity AwarenessCWE-200 6.5 Medium2025-12-22
CVE-2025-8304 Information Disclosure in Identity Agent Registry Keys — Identity AgentCWE-200 6.5 Medium2025-12-22
CVE-2025-3831 Exposed SFTP server — Check Point Harmony SASECWE-200 8.1 High2025-08-12
CVE-2024-52885 Path Traversal — Check Point Mobile AccessCWE-35 5.0 Medium2025-08-06
CVE-2025-2028 Lack of TLS validation — Check Point Management Log ServerCWE-295 6.5 Medium2025-08-06
CVE-2024-24915 SmartConsole Sensitive Credential Exposure via Memory Dump — Check Point SmartConsoleCWE-316 6.1 Medium2025-06-29
CVE-2024-24916 DLL-HiJacking — Check Point SmartConsoleCWE-427 6.5 Medium2025-06-19
CVE-2024-52888 Stored-XSS — Check Point Mobile AccessCWE-79 5.4 Medium2025-04-27
CVE-2024-52887 Self-XSS — Check Point Mobile AccessCWE-79 3.5 Low2025-04-27
CVE-2024-24911 Out of Bounds read in the CPCA process on Check Point Management Server — Multi-Domain Security Management, Quantum Security ManagementCWE-125 5.3 Medium2025-02-06
CVE-2024-24914 Check Point Gaia Portal 安全漏洞 — ClusterXL, Multi-Domain Security Management, Quantum Appliances, Quantum Maestro, Quantum Scalable Chassis, Quantum Security Gateways, Quantum Security ManagementCWE-914 8.0 High2024-11-07
CVE-2024-24919 Information disclosure — Check Point Quantum Gateway, Spark Gateway and CloudGuard NetworkCWE-200 8.6 High2024-05-28
CVE-2024-24912 Local privilege escalation in Harmony Endpoint Security Client for Windows via crafted DLL file — Harmony Endpoint Security Client for WindowsCWE-732 6.7 -2024-05-01
CVE-2024-24910 LocalprivilegeescalationinCheckPointZoneAlarmExtremeSecurityNextGen,IdentityAgentforWindows,andIdentityAgentforWindowsTerminalServerviacraftedDLLfile — ZoneAlarmExtremeSecurityNextGen,IdentityAgentforWindows,IdentityAgentforWindowsTerminalServerCWE-732 6.7 -2024-04-18
CVE-2023-28134 Local Privliege Escalation in Check Point Endpoint Security Remediation Service — Harmony Endpoint.CWE-732 7.8 -2023-11-12

This page lists every published CVE security advisory associated with checkpoint. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.