CVE-2026-50751
CRITICAL KEV CISA Exploitation: ACTIVE
Ransomware noto
9.3
CVSS 3.1
Description
A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password.
Metadata
Severity & Metrics
9.3
CRITICAL CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
SSVC — CISA Coordinator
CISA Known Exploited Vulnerability
Required action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
CISA description
Check Point Security Gateway contains an improper authentication vulnerability in IKEv1 key exchange that could allow an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password.
Affected products (2)
| Vendor | Product | Platform | Versions |
|---|---|---|---|
| checkpoint | Quantum Security Gateway | — | R82.10 with Jumbo Hotfix Take 19 or below, R82 with Jumbo Hotfix Take 103 or below, R81.20 with Jumbo Hotfix Take 141 or below, R81.10, R81, and R80.40 |
| checkpoint | Spark Firewalls | — | R80.20.X, R81.10.X, and R82.00.X |
Weakness (CWE)
| CWE | Source | Description |
|---|---|---|
| CWE-287 | cna | CWE-287: Improper Authentication. |
CVSS scores (1)
| Score | Severity | Version | Source | Vector |
|---|---|---|---|---|
| 9.3 | CRITICAL | 3.1 | adp | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N |
References (1)