CVE-2026-50751: Check Point Security Gateway Improper Authentication Vulnerability

A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password.
CVE-2026-50751CVSS 9.3CISA KEVMail

CVE-2026-50751: Check Point Security Gateway Improper Authentication Vulnerability

A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password.

CVSS
9.3 CRITICAL
EPSS
99.3%
Known exploited
yes
Product
Security Gateway

What is known

A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password.

Sources