{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-24910", "assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "state": "PUBLISHED", "assignerShortName": "checkpoint", "dateReserved": "2024-02-01T15:19:26.278Z", "datePublished": "2024-04-18T17:35:42.688Z", "dateUpdated": "2025-09-29T12:30:45.141Z"}, "containers": {"cna": {"affected": [{"product": "ZoneAlarmExtremeSecurityNextGen,IdentityAgentforWindows,IdentityAgentforWindowsTerminalServer", "vendor": "checkpoint", "versions": [{"status": "affected", "version": "ZoneAlarmExtremeSecurityNextGen-versionslowerthan4.2.7,IdentityAgentforWindows-versionslowerthanR81.070.0000,IdentityAgentforWindowsTerminalServer-versionslowerthanR81.070.0000"}]}], "descriptions": [{"lang": "en", "value": "A local attacker can erscalate privileges on affected Check Point ZoneAlarm ExtremeSecurity NextGen, Identity Agent for Windows, and Identity Agent for Windows Terminal Server. To exploit this vulnerability, an attacker must first obtain the ability to execute local privileged code on the target system."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-732", "description": "CWE-732:IncorrectPermissionAssignmentforCriticalResource", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "shortName": "checkpoint", "dateUpdated": "2025-09-29T12:30:45.141Z"}, "references": [{"url": "https://support.checkpoint.com/results/sk/sk182219"}], "title": "LocalprivilegeescalationinCheckPointZoneAlarmExtremeSecurityNextGen,IdentityAgentforWindows,andIdentityAgentforWindowsTerminalServerviacraftedDLLfile"}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.3, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-24910", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-04-25T19:46:15.022279Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:checkpoint:identity_agent:-:*:*:*:*:*:*:*"], "vendor": "checkpoint", "product": "identity_agent", "versions": [{"status": "affected", "version": "0", "lessThan": "R81.070.0000", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:checkpoint:zonealarm_extreme_security:*:*:*:*:*:*:*:*"], "vendor": "checkpoint", "product": "zonealarm_extreme_security", "versions": [{"status": "affected", "version": "0", "lessThan": "4.2.7", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:43:02.280Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T23:36:20.218Z"}, "title": "CVE Program Container", "references": [{"url": "https://support.checkpoint.com/results/sk/sk182219", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://support.checkpoint.com/results/sk/sk182219", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T23:36:20.218Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.3, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-24910", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-04-25T19:46:15.022279Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:checkpoint:identity_agent:-:*:*:*:*:*:*:*"], "vendor": "checkpoint", "product": "identity_agent", "versions": [{"status": "affected", "version": "0", "lessThan": "R81.070.0000", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:checkpoint:zonealarm_extreme_security:*:*:*:*:*:*:*:*"], "vendor": "checkpoint", "product": "zonealarm_extreme_security", "versions": [{"status": "affected", "version": "0", "lessThan": "4.2.7", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-04-25T19:45:45.084Z"}}], "cna": {"title": "LocalprivilegeescalationinCheckPointZoneAlarmExtremeSecurityNextGen,IdentityAgentforWindows,andIdentityAgentforWindowsTerminalServerviacraftedDLLfile", "affected": [{"vendor": "checkpoint", "product": "ZoneAlarmExtremeSecurityNextGen,IdentityAgentforWindows,IdentityAgentforWindowsTerminalServer", "versions": [{"status": "affected", "version": "ZoneAlarmExtremeSecurityNextGen-versionslowerthan4.2.7,IdentityAgentforWindows-versionslowerthanR81.070.0000,IdentityAgentforWindowsTerminalServer-versionslowerthanR81.070.0000"}]}], "references": [{"url": "https://support.checkpoint.com/results/sk/sk182219"}], "descriptions": [{"lang": "en", "value": "A local attacker can erscalate privileges on affected Check Point ZoneAlarm ExtremeSecurity NextGen, Identity Agent for Windows, and Identity Agent for Windows Terminal Server. To exploit this vulnerability, an attacker must first obtain the ability to execute local privileged code on the target system."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-732", "description": "CWE-732:IncorrectPermissionAssignmentforCriticalResource"}]}], "providerMetadata": {"orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "shortName": "checkpoint", "dateUpdated": "2025-09-29T12:30:45.141Z"}}}, "cveMetadata": {"cveId": "CVE-2024-24910", "state": "PUBLISHED", "dateUpdated": "2025-09-29T12:30:45.141Z", "dateReserved": "2024-02-01T15:19:26.278Z", "assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "datePublished": "2024-04-18T17:35:42.688Z", "assignerShortName": "checkpoint"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:checkpoint:identity_agent:*:*:*:*:*:*:*:*", "matchCriteriaId": "4F3A5ECE-1AB8-4453-8851-CD13ADAE75E6", "versionEndIncluding": "r81.070.0000", "vulnerable": true}, {"criteria": "cpe:2.3:a:checkpoint:zonealarm_extreme_security_nextgen:*:*:*:*:*:*:*:*", "matchCriteriaId": "733DCB31-1759-440E-B5F1-F813EB88ED09", "versionEndExcluding": "4.2.712", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A local attacker can erscalate privileges on affected Check Point ZoneAlarm ExtremeSecurity NextGen, Identity Agent for Windows, and Identity Agent for Windows Terminal Server. To exploit this vulnerability, an attacker must first obtain the ability to execute local privileged code on the target system."}, {"lang": "es", "value": "Un atacante local puede escalar privilegios en Check Point ZoneAlarm Extreme Security NextGen, Identity Agent para Windows y Identity Agent para Windows Terminal Server afectados. Para aprovechar esta vulnerabilidad, un atacante primero debe obtener la capacidad de ejecutar c\u00f3digo privilegiado local en el sistema de destino."}], "id": "CVE-2024-24910", "lastModified": "2026-01-15T16:48:58.680", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.3, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-04-18T18:15:09.197", "references": [{"source": "cve@checkpoint.com", "tags": ["Vendor Advisory"], "url": "https://support.checkpoint.com/results/sk/sk182219"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.checkpoint.com/results/sk/sk182219"}], "sourceIdentifier": "cve@checkpoint.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-732"}], "source": "cve@checkpoint.com", "type": "Secondary"}]}

{}

{}