June 8, 2026 · Applied Cybernetics Group
CVE-2026-50751 — Check Point Security Gateway
Check Point Security Gateway Improper Authentication Vulnerability
- Added to KEV
2026-06-08- Federal due date
2026-06-11- Vendor
- Check Point
- Product
- Security Gateway
- EPSS
- 1.2th percentile (score 0.000, as of
2026-06-08) - NVD CVSS v3.1
- 9.3 (CRITICAL)
- Ransomware use
- Unknown
- Upstream
- https://nvd.nist.gov/vuln/detail/CVE-2026-50751
CISA short description
Check Point Security Gateway contains an improper authentication vulnerability in IKEv1 key exchange that could allow an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password.
Required action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
NVD description
A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password.