CVE-2024-24916 MEDIUM

CVE-2024-24916: DLL-HiJacking

Vendor Checkpoint
Product Check Point SmartConsole
Weakness CWE-427
Published June 19, 2025
Last update June 20, 2025

CVSS base score

6.5/10
Attack vector Local
Attack complexity Low
Privileges required High
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Untrusted DLLs in the installer's directory may be loaded and executed, leading to potentially arbitrary code execution with the installer's privileges (admin).

Key dates

02Disclosure timeline

June 19, 2025 CVE published
June 20, 2025 Record updated