Critical Check Point VPN Flaw Exploited to Bypass Passwords in IKEv1 Setups
Critical Check Point VPN Flaw Exploited to Bypass Passwords in IKEv1 Setups
08 June 2026
Check Point has warned of active exploitation of a critical vulnerability impacting Remote Access VPN and Mobile Access deployments that are configured to use the deprecated IKEv1 key exchange protocol.
The vulnerability, tracked as CVE-2026-50751 (CVSS score: 9.3), is a case of a logic flow weakness in certificate validation that allows an unauthenticated remote attacker to bypass user