CVE-2026-50751

Name of the Vulnerable Software and Affected Versions Check Point Security Gateway (affected versions not specified)

Description A logic flow weakness in certificate validation for Remote Access and Mobile Access deployments using the deprecated IKEv1 key exchange protocol allows an unauthenticated remote attacker to bypass user authentication. This flaw enables the establishment of a remote access VPN connection without a valid user password, granting access to secure networks. This issue has been exploited in the wild to deploy ransomware linked to the Qilin gang.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.