CVE-2026-50751 – Checkpoint Quantum Security Gateway
CVSS 9.3
CRITICAL
Critical or Zero Day – Immediate Deployment
“When authentication fails silently, the VPN becomes the attacker's front door.”
Check Point patched CVE-2026-50751 in Quantum Security Gateway. This logic flow weakness in Remote Access and Mobile Access certificate validation within the deprecated IKEv1 key exchange process allows an unauthenticated remote attacker to bypass user authentication and establish a VPN connection without a valid user password. The CVSS score is 9.3, which is Critical severity.
The vulnerability directly impacts remote access controls and can provide unauthorized access to protected network resources. The issue requires no valid credentials and no user interaction. Active exploitation has been reported.
Key Details
- Affected Product
- Checkpoint Gaia Os
- Attack Vector
- Network
- Attack Complexity
- Low
- Privileges Required
- None
- User Interaction
- None
- CWE Classification
- CWE-287
Patch this CVE on all your endpoints in under 5 minutes.
First 200 endpoints are free forever, scale as needed.