CVE-2024-24910 - OpenCVE

A local attacker can escalate privileges on affected Check Point ZoneAlarm Extreme Security NextGen, Identity Agent for Windows, and Identity Agent for Windows Terminal Server. To exploit this vulnerability, an attacker must first obtain the ability to execute local privileged code on the target system.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Checkpoint	Identity Agent Zonealarm Extreme Security
Microsoft	Windows

Configuration 1 [-]

AND

OR	cpe:2.3:a:checkpoint:identity_agent::::::::
	cpe:2.3:a:checkpoint:zonealarm_extreme_security::::::::

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://support.checkpoint.com/results/sk/sk182219

History

Tue, 26 Aug 2025 18:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Checkpoint Checkpoint identity Agent Checkpoint zonealarm Extreme Security Microsoft Microsoft windows
CPEs		cpe:2.3:a:checkpoint:identity_agent:::::::: cpe:2.3:a:checkpoint:zonealarm_extreme_security:::::::: cpe:2.3:o:microsoft:windows:-:::::::*
Vendors & Products		Checkpoint Checkpoint identity Agent Checkpoint zonealarm Extreme Security Microsoft Microsoft windows

MITRE

Status: PUBLISHED

Assigner: checkpoint

Published: 2024-04-18T17:35:42.688Z

Updated: 2024-08-01T23:36:20.218Z

Reserved: 2024-02-01T15:19:26.278Z

Link: CVE-2024-24910

Vulnrichment

Updated: 2024-08-01T23:36:20.218Z

NVD

Status : Analyzed

Published: 2024-04-18T18:15:09.197

Modified: 2025-08-26T18:42:32.470

Link: CVE-2024-24910

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-24910", "assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "state": "PUBLISHED", "assignerShortName": "checkpoint", "dateReserved": "2024-02-01T15:19:26.278Z", "datePublished": "2024-04-18T17:35:42.688Z", "dateUpdated": "2024-08-01T23:36:20.218Z"}, "containers": {"cna": {"affected": [{"product": "ZoneAlarm Extreme Security NextGen, Identity Agent for Windows, Identity Agent for Windows Terminal Server", "vendor": "checkpoint", "versions": [{"status": "affected", "version": "ZoneAlarm Extreme Security NextGen - versions lower than 4.2.7, Identity Agent for Windows - versions lower than R81.070.0000, Identity Agent for Windows Terminal Server - versions lower than R81.070.0000"}]}], "title": "Local privilege escalation in Check Point ZoneAlarm Extreme Security NextGen, Identity Agent for Windows, and Identity Agent for Windows Terminal Server via crafted DLL file", "descriptions": [{"lang": "en", "value": "A local attacker can escalate privileges on affected Check Point ZoneAlarm Extreme Security NextGen, Identity Agent for Windows, and Identity Agent for Windows Terminal Server. To exploit this vulnerability, an attacker must first obtain the ability to execute local privileged code on the target system."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-732", "description": "CWE-732: Incorrect Permission Assignment for Critical Resource", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "shortName": "checkpoint", "dateUpdated": "2024-04-18T17:35:42.688Z"}, "references": [{"url": "https://support.checkpoint.com/results/sk/sk182219"}]}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.3, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-24910", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-04-25T19:46:15.022279Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:checkpoint:identity_agent:-:*:*:*:*:*:*:*"], "vendor": "checkpoint", "product": "identity_agent", "versions": [{"status": "affected", "version": "0", "lessThan": "R81.070.0000", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:checkpoint:zonealarm_extreme_security:*:*:*:*:*:*:*:*"], "vendor": "checkpoint", "product": "zonealarm_extreme_security", "versions": [{"status": "affected", "version": "0", "lessThan": "4.2.7", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:43:02.280Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T23:36:20.218Z"}, "title": "CVE Program Container", "references": [{"url": "https://support.checkpoint.com/results/sk/sk182219", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://support.checkpoint.com/results/sk/sk182219", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T23:36:20.218Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.3, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-24910", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-04-25T19:46:15.022279Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:checkpoint:identity_agent:-:*:*:*:*:*:*:*"], "vendor": "checkpoint", "product": "identity_agent", "versions": [{"status": "affected", "version": "0", "lessThan": "R81.070.0000", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:checkpoint:zonealarm_extreme_security:*:*:*:*:*:*:*:*"], "vendor": "checkpoint", "product": "zonealarm_extreme_security", "versions": [{"status": "affected", "version": "0", "lessThan": "4.2.7", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-04-25T19:45:45.084Z"}}], "cna": {"title": "Local privilege escalation in Check Point ZoneAlarm Extreme Security NextGen, Identity Agent for Windows, and Identity Agent for Windows Terminal Server via crafted DLL file", "affected": [{"vendor": "checkpoint", "product": "ZoneAlarm Extreme Security NextGen, Identity Agent for Windows, Identity Agent for Windows Terminal Server", "versions": [{"status": "affected", "version": "ZoneAlarm Extreme Security NextGen - versions lower than 4.2.7, Identity Agent for Windows - versions lower than R81.070.0000, Identity Agent for Windows Terminal Server - versions lower than R81.070.0000"}]}], "references": [{"url": "https://support.checkpoint.com/results/sk/sk182219"}], "descriptions": [{"lang": "en", "value": "A local attacker can escalate privileges on affected Check Point ZoneAlarm Extreme Security NextGen, Identity Agent for Windows, and Identity Agent for Windows Terminal Server. To exploit this vulnerability, an attacker must first obtain the ability to execute local privileged code on the target system."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-732", "description": "CWE-732: Incorrect Permission Assignment for Critical Resource"}]}], "providerMetadata": {"orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "shortName": "checkpoint", "dateUpdated": "2024-04-18T17:35:42.688Z"}}}, "cveMetadata": {"cveId": "CVE-2024-24910", "state": "PUBLISHED", "dateUpdated": "2024-08-01T23:36:20.218Z", "dateReserved": "2024-02-01T15:19:26.278Z", "assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "datePublished": "2024-04-18T17:35:42.688Z", "assignerShortName": "checkpoint"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:checkpoint:identity_agent:*:*:*:*:*:*:*:*", "matchCriteriaId": "4F3A5ECE-1AB8-4453-8851-CD13ADAE75E6", "versionEndIncluding": "r81.070.0000", "vulnerable": true}, {"criteria": "cpe:2.3:a:checkpoint:zonealarm_extreme_security:*:*:*:*:*:*:*:*", "matchCriteriaId": "B9AF1ABD-2029-491D-8A75-513266E030BA", "versionEndExcluding": "4.2.7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A local attacker can escalate privileges on affected Check Point ZoneAlarm Extreme Security NextGen, Identity Agent for Windows, and Identity Agent for Windows Terminal Server. To exploit this vulnerability, an attacker must first obtain the ability to execute local privileged code on the target system."}, {"lang": "es", "value": "Un atacante local puede escalar privilegios en Check Point ZoneAlarm Extreme Security NextGen, Identity Agent para Windows y Identity Agent para Windows Terminal Server afectados. Para aprovechar esta vulnerabilidad, un atacante primero debe obtener la capacidad de ejecutar c\u00f3digo privilegiado local en el sistema de destino."}], "id": "CVE-2024-24910", "lastModified": "2025-08-26T18:42:32.470", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.3, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-04-18T18:15:09.197", "references": [{"source": "cve@checkpoint.com", "tags": ["Vendor Advisory"], "url": "https://support.checkpoint.com/results/sk/sk182219"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.checkpoint.com/results/sk/sk182219"}], "sourceIdentifier": "cve@checkpoint.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-732"}], "source": "cve@checkpoint.com", "type": "Secondary"}]}