CVE-2026-50751 – Checkpoint Quantum Security Gateway

CVSS 9.3 CRITICAL Critical or Zero Day – Immediate Deployment

“When authentication fails silently, the VPN becomes the attacker's front door.”

Check Point patched CVE-2026-50751 in Quantum Security Gateway. This logic flow weakness in Remote Access and Mobile Access certificate validation within the deprecated IKEv1 key exchange process allows an unauthenticated remote attacker to bypass user authentication and establish a VPN connection without a valid user password. The CVSS score is 9.3, which is Critical severity.

The vulnerability directly impacts remote access controls and can provide unauthorized access to protected network resources. The issue requires no valid credentials and no user interaction. Active exploitation has been reported.

Key Details

Affected Product
Checkpoint Gaia Os
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
CWE Classification
CWE-287
Patch this CVE on all your endpoints in under 5 minutes. First 200 endpoints are free forever, scale as needed.