CVE-2026-50751
User Authentication Bypass in VPN Remote Access and Mobile Access
Description
A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password.
In plain language
AI Act nowCVE-2026-50751 is a VPN login-bypass flaw in certain Check Point products that lets attackers get into your VPN without a password—if you use Check Point Quantum Security Gateway, Spark Firewalls, or their Gaia systems for remote/mobile access, treat this as urgent and patch right away.
What to do
- Contact your IT/security person now and ask them to patch Check Point Remote Access and Mobile Access components for CVE-2026-50751 across checkpoint Quantum Security Gateway, checkpoint Spark Firewalls, checkpoint gaia os, and checkpoint gaia embedded.
- Check whether you use IKEv1 for VPN remote/mobile connections, and if so, ask whether it can be disabled or replaced while you patch.
- Review remote access VPN logs for unusual connection attempts or VPN sessions that do not match normal user/password activity, and escalate any suspicious findings.
CVSS Vector Breakdown
AV:NAttack VectorAC:LAttack ComplexityPR:NPrivileges RequiredUI:NUser InteractionS:CScopeC:HConfidentialityI:LIntegrityA:NAvailabilityWeaknesses
Affected Products
Exploitability
Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Attack Graph
Click technique nodes for MITRE ATT&CK details · drag to pan · Ctrl/⌘ + scroll to zoom, or go fullscreen.
MITRE ATT&CK
2 techniquesReferences
- ⚡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and Moreen·The Hacker News· Summary only·
- 15th June – Threat Intelligence Reporten-us·Check Point Research·
- Weekly Threat Intelligence: June 8 to June 14, 2026en-us·Daily CyberSecurity (securityonline.info)· Summary only·
- Marking Your Own Homework (Check Point Remote Access VPN IKEv1 Authentication Bypass CVE-2026-50751)en·watchTowr Labs·
- Вымогатели больше месяца пользовались 0-day-уязвимостью в Check Point VPNru-ru·Хакер (xakep.ru)· Source-only·
- Check Point VPN Zero-Day Exploited in Qilin Ransomware Attacksen-us·SecurityWeek· Summary only·
- CISA gives feds 3 days to patch Check Point VPN bug exploited as zero-dayen-us·BleepingComputer· Summary only·
- CISA Active Exploit Catalog Expands with Critical Gateway Flawsen-us·Daily CyberSecurity (securityonline.info)· Summary only·
- Check Point VPN Flaw Exploited Since Early Mayen·Dark Reading· Source-only·
- Critical Check Point VPN Zero-Day Exploited in the Wild (CVE-2026-50751)en·Rapid7 Blog·
Unlock Complete Vulnerability Intelligence
Get the full picture for CVE-2026-50751 and every CVE in our database. Create a free account — no credit card required.
Create Free Account