CVE-2026-50571

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Check Point warns that outdated IKEv1 VPN protocol vulnerabilities are actively exploited in ransomware-linked attacks, urging organizations to implement emergency hotfixes.

Key Points:

Vulnerabilities in the outdated IKEv1 VPN protocol are being actively exploited.
Attackers can bypass authentication to establish VPN connections without a valid password.
Check Point has identified the flaw as CVE-2026-50571 with a CVSS score of 9.3.
Urgent hotfixes and mitigation strategies are available for affected organizations.
Organizations are encouraged to transition to the more secure IKEv2 protocol.

Check Point has discovered critical vulnerabilities in the legacy IKEv1 VPN protocol, which is still used by some organizations for compatibility reasons. One notable flaw allows attackers to bypass authentication and connect to VPNs without valid credentials, potentially granting them unauthorized access to corporate networks. This vulnerability has been linked to ransomware attacks, with exploitation first detected in May and increasing recently. The security community considers the flaw a significant threat due to its potential for granting attackers a foothold within targeted environments.

What steps is your organization taking to ensure the security of its VPN protocols?

Learn More: CSO Online

Want to stay updated on the latest cyber threats?

👉 Subscribe to /r/PwnHub

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2026-50571

Affected Products

Undefined

CVE-2026-50571

Related Identifiers

Affected Products

References · 1