CVE-2026-50751

CRITICAL CISA KEV
Published Jun 8, 2026 Modified Jun 9, 2026 CWE-287

Description

A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password.

CVSS v3.1 Score

9.3
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N

EPSS — Exploit Prediction

0.7010
Probability of exploitation
0.99%
Percentile rank

EPSS estimates the probability that this vulnerability will be exploited in the wild within the next 30 days. A higher score means more likely to be exploited.

CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild.

Added: Jun 8, 2026 Remediation due: Jun 11, 2026 Known ransomware use

Weakness Type (CWE)

CWE-287 Improper Authentication

Affected Products

Vendor Product
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_os
checkpoint gaia_embedded
checkpoint gaia_embedded
checkpoint gaia_embedded
checkpoint gaia_embedded
checkpoint gaia_embedded
checkpoint gaia_embedded
checkpoint gaia_embedded
checkpoint quantum_spark_1530
checkpoint quantum_spark_1550
checkpoint quantum_spark_1570
checkpoint quantum_spark_1570r
checkpoint quantum_spark_1590
checkpoint quantum_spark_1595r
checkpoint quantum_spark_1600
checkpoint quantum_spark_1800
checkpoint quantum_spark_1900
checkpoint quantum_spark_2000
checkpoint gaia_embedded
checkpoint gaia_embedded
checkpoint gaia_embedded
checkpoint gaia_embedded
checkpoint gaia_embedded
checkpoint gaia_embedded
checkpoint gaia_embedded
checkpoint gaia_embedded
checkpoint quantum_spark_1535
checkpoint quantum_spark_1555
checkpoint quantum_spark_1575
checkpoint quantum_spark_1575r
checkpoint quantum_spark_2530
checkpoint quantum_spark_2550
checkpoint quantum_spark_2560
checkpoint quantum_spark_2570
checkpoint quantum_spark_2580
checkpoint quantum_spark_2590

References

Frequently Asked Questions

What is CVE-2026-50751? +
A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password. It has a CVSS v3.1 base score of 9.3 (CRITICAL). This vulnerability is listed in CISA's Known Exploited Vulnerabilities catalog, indicating active exploitation in the wild.
How severe is CVE-2026-50751? +
CVE-2026-50751 has a CVSS v3.1 score of 9.3 out of 10, rated CRITICAL. This is a critical vulnerability that should be patched immediately. The EPSS score is 0.7010, placing it in the 1th percentile for exploitation probability.
What products are affected by CVE-2026-50751? +
CVE-2026-50751 affects products from checkpoint, specifically: gaia_embedded, gaia_os, quantum_spark_1530, quantum_spark_1535, quantum_spark_1550, quantum_spark_1555, quantum_spark_1570, quantum_spark_1570r, quantum_spark_1575, quantum_spark_1575r, quantum_spark_1590, quantum_spark_1595r, quantum_spark_1600, quantum_spark_1800, quantum_spark_1900, quantum_spark_2000, quantum_spark_2530, quantum_spark_2550, quantum_spark_2560, quantum_spark_2570, quantum_spark_2580, quantum_spark_2590. Check the affected products table above for specific version ranges.
How do I check if I'm vulnerable to CVE-2026-50751? +
You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

Don't wait for an exploit

Scan your website for vulnerabilities like CVE-2026-50751 — free, no signup required.

Start Free Scan