CVE-2026-50751 | THREATINT

Description

A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password.

PUBLISHED Reserved 2026-06-07 | Published 2026-06-08 | Updated 2026-06-08 | Assigner checkpoint

Problem types

CWE-287: Improper Authentication.

Product status

R82.10 with Jumbo Hotfix Take 19 or below

affected

R82 with Jumbo Hotfix Take 103 or below

affected

R81.20 with Jumbo Hotfix Take 141 or below

affected

R81.10, R81, and R80.40

affected

R80.20.X, R81.10.X, and R82.00.X

affected

References

support.checkpoint.com/results/sk/sk185033

cve.org (CVE-2026-50751)

nvd.nist.gov (CVE-2026-50751)

Download JSON

help @ threatint.eu