Rapid7’s 2026 Global Cybersecurity Summit is now available on-demand.Watch sessions.
Rapid7

vulnerability

Check Point Gaia: CVE-2026-50751: Authentication bypass on Remote Access VPN and Mobile Access in deprecated IKEv1 key exchange allows unauthenticated remote VPN connection.

Severity
8
CVSS
(AV:N/AC:L/Au:N/C:C/I:P/A:N)
Published
Jun 9, 2026
Added
Jun 9, 2026
Modified
Jun 9, 2026

Description

A critical authentication bypass vulnerability in Check Point Remote Access VPN and Mobile Access deployments configured to use the deprecated IKEv1 key exchange protocol. By exploiting a logic flaw in the certificate validation logic, an unauthenticated remote attacker can bypass user authentication and establish a remote access VPN connection without a valid user password. This vulnerability affects Security Gateways with legacy Remote Access clients enabled that do not require machine certificate authentication. Check Point has confirmed active exploitation in the wild, including post-compromise activity associated with the Qilin ransomware group. A related vulnerability, CVE-2026-50752, also affects certificate validation in deprecated IKEv1 and may allow man-in-the-middle attacks on site-to-site VPN connections.

Solution

fix-check-point-gaia-cve-2026-50751
Title
Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.