Home

Description

A weakness in the certificate validation logic of the deprecated IKEv1 key exchange may allow an unauthenticated attacker positioned as a man-in-the-middle to bypass certificate validation in VPN site-to-site connections that use certificate-based authentication. Successful exploitation could allow interception or modification of traffic traversing the VPN tunnel.

PUBLISHED Reserved 2026-06-07 | Published 2026-06-08 | Updated 2026-06-08 | Assigner checkpoint




HIGH: 7.4CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Problem types

CWE-295: Improper Certificate Validation.

Product status

R82.10 with Jumbo Hotfix Take 19 or below
affected

R82 with Jumbo Hotfix Take 103 or below
affected

R81.20 with Jumbo Hotfix Take 141 or below
affected

R81.10, R81, and R80.40
affected

R80.20.X, R81.10.X, and R82.00.X
affected

References

support.checkpoint.com/results/sk/sk185035

cve.org (CVE-2026-50752)

nvd.nist.gov (CVE-2026-50752)

Download JSON