CVE-2024-24911
MEDIUMCheck Point Gaia OS - Denial of Service via cpca Process Out-of-bounds Read
Title source: llmDescription
In rare scenarios, the cpca process on the Security Management Server / Domain Management Server may exit unexpectedly, creating a core dump file. When the cpca process is down, VPN and SIC connectivity issues may occur if the CRL is not present in the Security Gateway's CRL cache.
References (1)
Core 1
Core References
Vendor Advisory
https://support.checkpoint.com/results/sk/sk183101
Scores
CVSS v3
5.3
EPSS
0.0037
EPSS Percentile
28.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-125
Status
published
Products (4)
checkpoint/gaia_os
r81
checkpoint/gaia_os
r81.10
checkpoint/gaia_os
r81.20
checkpoint/gaia_os
r82
Published
Feb 06, 2025
Tracked Since
Feb 18, 2026