{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-50751", "assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "state": "PUBLISHED", "assignerShortName": "checkpoint", "dateReserved": "2026-06-07T09:42:08.251Z", "datePublished": "2026-06-08T11:07:15.746Z", "dateUpdated": "2026-06-09T03:55:36.045Z"}, "containers": {"cna": {"affected": [{"product": "Quantum Security Gateway", "vendor": "checkpoint", "versions": [{"status": "affected", "version": "R82.10 with Jumbo Hotfix Take 19 or below"}, {"status": "affected", "version": "R82 with Jumbo Hotfix Take 103 or below"}, {"status": "affected", "version": "R81.20 with Jumbo Hotfix Take 141 or below"}, {"status": "affected", "version": "R81.10, R81, and R80.40"}]}, {"product": "Spark Firewalls", "vendor": "checkpoint", "versions": [{"status": "affected", "version": "R80.20.X, R81.10.X, and R82.00.X"}]}], "title": "User Authentication Bypass in VPN Remote Access and Mobile Access", "descriptions": [{"lang": "en", "value": "A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-287", "description": "CWE-287: Improper Authentication.", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "shortName": "checkpoint", "dateUpdated": "2026-06-08T11:07:15.746Z"}, "references": [{"url": "https://support.checkpoint.com/results/sk/sk185033"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "other": {"type": "CVSSv4.0", "content": {"version": "4.0", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 9.3, "baseSeverity": "CRITICAL", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N"}}}]}, "adp": [{"references": [{"url": "https://blog.checkpoint.com/security/check-point-releases-important-hotfix-for-vulnerabilities-in-deprecated-ikev1-vpn-protocol/", "tags": ["vendor-advisory"]}, {"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-50751", "tags": ["government-resource"]}], "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.3, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-06-08T00:00:00+00:00", "options": [{"Exploitation": "active"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2026-50751"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2026-06-08", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-50751"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-09T03:55:36.045Z"}, "timeline": [{"time": "2026-06-08T00:00:00.000Z", "lang": "en", "value": "CVE-2026-50751 added to CISA KEV"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.3, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-50751", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-06-08T19:52:43.919642Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2026-06-08", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-50751"}}}], "references": [{"url": "https://blog.checkpoint.com/security/check-point-releases-important-hotfix-for-vulnerabilities-in-deprecated-ikev1-vpn-protocol/", "tags": ["vendor-advisory"]}, {"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-50751", "tags": ["government-resource"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-08T16:01:50.476Z"}, "timeline": [{"lang": "en", "time": "2026-06-08T00:00:00.000Z", "value": "CVE-2026-50751 added to CISA KEV"}]}], "cna": {"title": "User Authentication Bypass in VPN Remote Access and Mobile Access", "metrics": [{"other": {"type": "CVSSv4.0", "content": {"version": "4.0", "baseScore": 9.3, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH"}}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "checkpoint", "product": "Quantum Security Gateway", "versions": [{"status": "affected", "version": "R82.10 with Jumbo Hotfix Take 19 or below"}, {"status": "affected", "version": "R82 with Jumbo Hotfix Take 103 or below"}, {"status": "affected", "version": "R81.20 with Jumbo Hotfix Take 141 or below"}, {"status": "affected", "version": "R81.10, R81, and R80.40"}]}, {"vendor": "checkpoint", "product": "Spark Firewalls", "versions": [{"status": "affected", "version": "R80.20.X, R81.10.X, and R82.00.X"}]}], "references": [{"url": "https://support.checkpoint.com/results/sk/sk185033"}], "descriptions": [{"lang": "en", "value": "A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-287", "description": "CWE-287: Improper Authentication."}]}], "providerMetadata": {"orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "shortName": "checkpoint", "dateUpdated": "2026-06-08T11:07:15.746Z"}}}, "cveMetadata": {"cveId": "CVE-2026-50751", "state": "PUBLISHED", "dateUpdated": "2026-06-09T03:55:36.045Z", "dateReserved": "2026-06-07T09:42:08.251Z", "assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45", "datePublished": "2026-06-08T11:07:15.746Z", "assignerShortName": "checkpoint"}, "dataVersion": "5.2"}

{"cisaActionDue": "2026-06-11", "cisaExploitAdd": "2026-06-08", "cisaRequiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", "cisaVulnerabilityName": "Check Point Security Gateway Improper Authentication Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:checkpoint:gaia_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "8FF872BA-A562-41C5-9BEE-E23DA78F8D35", "versionEndExcluding": "r81.20", "versionStartIncluding": "r80.40", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r81.20:-:*:*:*:*:*:*", "matchCriteriaId": "C939766C-B8F9-4D87-A0C1-AF184DF24411", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r81.20:take_10:*:*:*:*:*:*", "matchCriteriaId": "4EC030B6-DA6D-4500-8BFB-9C5336DA5C96", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r81.20:take_101:*:*:*:*:*:*", "matchCriteriaId": "FB9F857E-1288-4D34-A0EF-D1CC57C3F507", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r81.20:take_103:*:*:*:*:*:*", "matchCriteriaId": "24672DE2-44D1-4C57-97FD-C48932C4377B", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r81.20:take_105:*:*:*:*:*:*", "matchCriteriaId": "70E8F526-84C1-4EC9-91DE-4696068B4B04", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r81.20:take_111:*:*:*:*:*:*", "matchCriteriaId": "A7C872AF-30EA-42C4-B835-04D5437A9B80", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r81.20:take_113:*:*:*:*:*:*", "matchCriteriaId": "10254179-61C3-4041-BCD1-64DEBD14B258", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r81.20:take_115:*:*:*:*:*:*", "matchCriteriaId": "6DD4809C-AE8F-4DAA-A2F4-6143798BABAC", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r81.20:take_118:*:*:*:*:*:*", "matchCriteriaId": "1B76E242-925B-49F8-83A7-622F986BA851", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r81.20:take_119:*:*:*:*:*:*", "matchCriteriaId": "74290166-AD26-4BAF-B592-1E72ECE8CCC4", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r81.20:take_120:*:*:*:*:*:*", "matchCriteriaId": "325EDC5E-3FC3-4477-80A5-1A5F4943887A", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r81.20:take_122:*:*:*:*:*:*", "matchCriteriaId": "6A2CE5CD-F8D1-4B74-93EC-7966DBD51F90", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r81.20:take_126:*:*:*:*:*:*", "matchCriteriaId": "875D457D-D955-4F1B-AEF6-A550AD713741", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r81.20:take_127:*:*:*:*:*:*", "matchCriteriaId": "2303A0C4-5561-4BE1-ABB2-F285C89CFD1A", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r81.20:take_14:*:*:*:*:*:*", "matchCriteriaId": "20C8BF97-A587-4444-8A3E-35F35440B60C", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r81.20:take_141:*:*:*:*:*:*", "matchCriteriaId": "8E30891A-B93F-45E9-962E-61627422F8C7", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r81.20:take_24:*:*:*:*:*:*", "matchCriteriaId": "8D6F2456-EAB9-4EDB-859A-BCB8DEF708B5", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r81.20:take_26:*:*:*:*:*:*", "matchCriteriaId": "0EBD5040-8386-4ECA-9F46-97FC8B698A05", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r81.20:take_38:*:*:*:*:*:*", "matchCriteriaId": "63F0211F-E2D2-4729-A970-590BA162C668", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r81.20:take_41:*:*:*:*:*:*", "matchCriteriaId": "7EEC35AD-A996-472E-809E-D403F06B69B8", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r81.20:take_43:*:*:*:*:*:*", "matchCriteriaId": "1F3ABB69-FAD0-4030-9A30-3E29862B68A5", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r81.20:take_45:*:*:*:*:*:*", "matchCriteriaId": "76E00B8C-A53E-44B3-999C-93F042711CD3", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r81.20:take_53:*:*:*:*:*:*", "matchCriteriaId": "250EBCC5-4EA9-4983-B083-561BEA0F7514", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r81.20:take_54:*:*:*:*:*:*", "matchCriteriaId": "0BD508BE-E9C2-4FC1-A170-93C5639F8BA9", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r81.20:take_65:*:*:*:*:*:*", "matchCriteriaId": "5B2CC1FB-445F-44D0-A881-58F85A88263C", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r81.20:take_70:*:*:*:*:*:*", "matchCriteriaId": "FF225C3C-D9D5-4617-B3FE-9F324B7091FE", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r81.20:take_76:*:*:*:*:*:*", "matchCriteriaId": "C6A7AEAE-3B59-4149-BC9B-E6AAF712E9D4", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r81.20:take_79:*:*:*:*:*:*", "matchCriteriaId": "26B917DC-9D52-4A63-B1F7-1EFD84C42EEB", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r81.20:take_8:*:*:*:*:*:*", "matchCriteriaId": "72839A3A-5111-4663-9736-AD91E04F7B0C", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r81.20:take_84:*:*:*:*:*:*", "matchCriteriaId": "48A0A735-EB36-4BC8-87BC-2166C1853A56", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r81.20:take_89:*:*:*:*:*:*", "matchCriteriaId": "10739520-2269-4423-A964-807C57CDDFAE", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r81.20:take_90:*:*:*:*:*:*", "matchCriteriaId": "FF2A6363-A3E5-4645-BE92-30B9A4491A11", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r81.20:take_92:*:*:*:*:*:*", "matchCriteriaId": "36AAAFB6-6041-413A-A09C-6D8F8D46DD87", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r81.20:take_96:*:*:*:*:*:*", "matchCriteriaId": "082D680F-D722-4A3F-917E-7B5D2CF4E1B4", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r81.20:take_98:*:*:*:*:*:*", "matchCriteriaId": "3C101923-462C-4A5D-80CC-9392150FA03E", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r81.20:take_99:*:*:*:*:*:*", "matchCriteriaId": "A806E4EB-6441-46A6-B856-0BBC01A978A3", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r82:-:*:*:*:*:*:*", "matchCriteriaId": "A524CEE0-F639-48AB-9A9C-EA0A37F5DE9B", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r82:take_10:*:*:*:*:*:*", "matchCriteriaId": "90AFA6EF-8DAF-47A7-A79C-D868F06CF379", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r82:take_103:*:*:*:*:*:*", "matchCriteriaId": "DE702A9E-383D-420A-BB0C-DD935F0F241C", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r82:take_12:*:*:*:*:*:*", "matchCriteriaId": "AFC6CFAD-65D6-4F73-A486-4ADF2A6AF454", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r82:take_14:*:*:*:*:*:*", "matchCriteriaId": "3EAC6AB8-A27D-4711-A868-028D447554D2", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r82:take_18:*:*:*:*:*:*", "matchCriteriaId": "BDBFA62A-8FCE-48BC-ABDB-69E72ED5AB85", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r82:take_19:*:*:*:*:*:*", "matchCriteriaId": "486AC6A9-70E5-448A-84DC-CBA79ADCD906", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r82:take_25:*:*:*:*:*:*", "matchCriteriaId": "26E45155-DD2A-40E3-922D-234C2AD799C1", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r82:take_33:*:*:*:*:*:*", "matchCriteriaId": "4DF60A40-0C6B-4A16-9973-36BE2AE36981", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r82:take_34:*:*:*:*:*:*", "matchCriteriaId": "DB912857-F1DE-4863-AA55-37545F29B379", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r82:take_36:*:*:*:*:*:*", "matchCriteriaId": "9D540144-E641-4BF6-8E24-2258093CAEFC", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r82:take_39:*:*:*:*:*:*", "matchCriteriaId": "73B84EDC-67DA-4511-A74B-09312689E51D", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r82:take_41:*:*:*:*:*:*", "matchCriteriaId": "43393362-0C2B-471E-9C0D-03B9D76EA84E", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r82:take_43:*:*:*:*:*:*", "matchCriteriaId": "9CA8BE4D-C71F-48D7-B780-E355BF9ACA7A", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r82:take_44:*:*:*:*:*:*", "matchCriteriaId": "055BD4D8-850C-41A0-9ED5-60874CB667B4", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r82:take_60:*:*:*:*:*:*", "matchCriteriaId": "1F27A6BB-CA50-4448-B116-4B49346C3155", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r82:take_73:*:*:*:*:*:*", "matchCriteriaId": "E18BFECE-B786-414E-A2C0-5835F313E2C8", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r82:take_91:*:*:*:*:*:*", "matchCriteriaId": "89455890-9888-41A5-B12B-086EC35297B6", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r82.10:-:*:*:*:*:*:*", "matchCriteriaId": "50C9BB1A-E214-4018-8849-56F6D9A25968", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r82.10:take_19:*:*:*:*:*:*", "matchCriteriaId": "53D0B2C1-59F1-4095-8D46-CE7F3D87BA33", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_os:r82.10:take_6:*:*:*:*:*:*", "matchCriteriaId": "2955157B-8C1C-4241-89FF-6588C440954B", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:checkpoint:gaia_embedded:*:*:*:*:*:*:*:*", "matchCriteriaId": "4BCFEA43-AB81-4485-B6B1-7948FBB3EC5E", "versionEndExcluding": "r81.10.17", "versionStartIncluding": "r80.20.00", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_embedded:r81.10.17:-:*:*:*:*:*:*", "matchCriteriaId": "FA48FB0C-7CE1-475D-B685-FF59593C00F7", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_embedded:r81.10.17:build_996004508:*:*:*:*:*:*", "matchCriteriaId": "F822BD5E-8829-4752-A979-81D0608FADBE", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_embedded:r81.10.17:build_996004620:*:*:*:*:*:*", "matchCriteriaId": "F1A17167-24E5-4A3A-9C72-390518F1E092", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_embedded:r81.10.17:build_996004653:*:*:*:*:*:*", "matchCriteriaId": "E5A0620A-3F9E-4044-87CC-C6382308B59F", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_embedded:r81.10.17:build_996004721:*:*:*:*:*:*", "matchCriteriaId": "DB03BA80-3775-44AB-AA24-0D3F381846B6", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_embedded:r81.10.17:build_996004892:*:*:*:*:*:*", "matchCriteriaId": "92DF5CB3-6368-452F-9E57-1D18D238D2BB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:checkpoint:quantum_spark_1530:-:*:*:*:*:*:*:*", "matchCriteriaId": "FD21C289-F0A7-40B1-ABA6-DE973A5C12FB", "vulnerable": false}, {"criteria": "cpe:2.3:h:checkpoint:quantum_spark_1550:-:*:*:*:*:*:*:*", "matchCriteriaId": "0691ED2B-98E4-4BEF-88CD-90737C7B54CD", "vulnerable": false}, {"criteria": "cpe:2.3:h:checkpoint:quantum_spark_1570:-:*:*:*:*:*:*:*", "matchCriteriaId": "9787C7C5-FCB2-424A-B593-0216CE86808F", "vulnerable": false}, {"criteria": "cpe:2.3:h:checkpoint:quantum_spark_1570r:-:*:*:*:*:*:*:*", "matchCriteriaId": "6F000ECB-4189-4B32-8699-421A67C17BDB", "vulnerable": false}, {"criteria": "cpe:2.3:h:checkpoint:quantum_spark_1590:-:*:*:*:*:*:*:*", "matchCriteriaId": "C68DBC96-4248-41AE-8581-8C792ED0A58D", "vulnerable": false}, {"criteria": "cpe:2.3:h:checkpoint:quantum_spark_1595r:-:*:*:*:*:*:*:*", "matchCriteriaId": "61E5A939-A111-401E-A718-0562F3DA6C35", "vulnerable": false}, {"criteria": "cpe:2.3:h:checkpoint:quantum_spark_1600:-:*:*:*:*:*:*:*", "matchCriteriaId": "194E2E0B-23E3-4175-805D-506DF5C491DB", "vulnerable": false}, {"criteria": "cpe:2.3:h:checkpoint:quantum_spark_1800:-:*:*:*:*:*:*:*", "matchCriteriaId": "0ECBC553-2864-40D2-8EF3-B15BB002ECEE", "vulnerable": false}, {"criteria": "cpe:2.3:h:checkpoint:quantum_spark_1900:-:*:*:*:*:*:*:*", "matchCriteriaId": "69D14FCF-84E2-41A1-9EBF-6264F1AFD85A", "vulnerable": false}, {"criteria": "cpe:2.3:h:checkpoint:quantum_spark_2000:-:*:*:*:*:*:*:*", "matchCriteriaId": "D5A672E9-4243-4852-9B91-B0393C98C471", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:checkpoint:gaia_embedded:*:*:*:*:*:*:*:*", "matchCriteriaId": "7B6DC80E-B339-4678-BC76-56D06AFDF102", "versionEndExcluding": "r82.00.10", "versionStartIncluding": "r80.20.00", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_embedded:r82.00.10:-:*:*:*:*:*:*", "matchCriteriaId": "DECDEDBC-6CEF-45A6-8EEE-C6E053502BEF", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_embedded:r82.00.10:build_998001559:*:*:*:*:*:*", "matchCriteriaId": "C413370D-0432-485C-BEA1-3D4F95486DF1", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_embedded:r82.00.10:build_998001562:*:*:*:*:*:*", "matchCriteriaId": "9DE1FA66-FD77-4117-9993-A84D871F3B4B", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_embedded:r82.00.10:build_998002110:*:*:*:*:*:*", "matchCriteriaId": "2DAB048C-BF9F-4B60-B99B-21CF61FBD377", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_embedded:r82.00.10:build_998002112:*:*:*:*:*:*", "matchCriteriaId": "49932FF8-7281-4F6F-85F9-66A3BF1BCF29", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_embedded:r82.00.10:build_998002133:*:*:*:*:*:*", "matchCriteriaId": "B51A9398-AA4B-407B-9EE6-1C253E99C8CA", "vulnerable": true}, {"criteria": "cpe:2.3:o:checkpoint:gaia_embedded:r82.00.10:build_998002203:*:*:*:*:*:*", "matchCriteriaId": "F0C5B191-9167-4DD8-89F8-1526AA6B37BA", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:checkpoint:quantum_spark_1535:-:*:*:*:*:*:*:*", "matchCriteriaId": "603082FA-896F-4F43-9298-EA821AC8746D", "vulnerable": false}, {"criteria": "cpe:2.3:h:checkpoint:quantum_spark_1555:-:*:*:*:*:*:*:*", "matchCriteriaId": "D432C69F-B100-4D29-AD10-D02DF4D637F6", "vulnerable": false}, {"criteria": "cpe:2.3:h:checkpoint:quantum_spark_1575:-:*:*:*:*:*:*:*", "matchCriteriaId": "D826E703-003D-449C-B190-801FD99CF832", "vulnerable": false}, {"criteria": "cpe:2.3:h:checkpoint:quantum_spark_1575r:-:*:*:*:*:*:*:*", "matchCriteriaId": "618E00E8-09D7-4A64-905F-04650781DB63", "vulnerable": false}, {"criteria": "cpe:2.3:h:checkpoint:quantum_spark_2530:-:*:*:*:*:*:*:*", "matchCriteriaId": "D363A133-C9E8-4289-9D51-A8284ABF0E9B", "vulnerable": false}, {"criteria": "cpe:2.3:h:checkpoint:quantum_spark_2550:-:*:*:*:*:*:*:*", "matchCriteriaId": "492D42C7-BA79-42AC-903E-5A3EF4D00BDA", "vulnerable": false}, {"criteria": "cpe:2.3:h:checkpoint:quantum_spark_2560:-:*:*:*:*:*:*:*", "matchCriteriaId": "3FE64FE4-F3C6-4924-8E65-BC336D416739", "vulnerable": false}, {"criteria": "cpe:2.3:h:checkpoint:quantum_spark_2570:-:*:*:*:*:*:*:*", "matchCriteriaId": "707EC21A-2F9B-4E72-9C60-4382C736D191", "vulnerable": false}, {"criteria": "cpe:2.3:h:checkpoint:quantum_spark_2580:-:*:*:*:*:*:*:*", "matchCriteriaId": "994F4EE1-1ADE-4EA3-AD9A-840E96C353A1", "vulnerable": false}, {"criteria": "cpe:2.3:h:checkpoint:quantum_spark_2590:-:*:*:*:*:*:*:*", "matchCriteriaId": "C49FBD30-C627-4DDC-90B0-F0C4E6DD927C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password."}], "id": "CVE-2026-50751", "lastModified": "2026-06-09T18:30:55.230", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.7, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-06-08T12:16:32.367", "references": [{"source": "cve@checkpoint.com", "tags": ["Mitigation", "Patch", "Vendor Advisory"], "url": "https://support.checkpoint.com/results/sk/sk185033"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Vendor Advisory"], "url": "https://blog.checkpoint.com/security/check-point-releases-important-hotfix-for-vulnerabilities-in-deprecated-ikev1-vpn-protocol/"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["US Government Resource"], "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-50751"}], "sourceIdentifier": "cve@checkpoint.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "cve@checkpoint.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "R82.10 with Jumbo Hotfix Take 19 or below"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "R82 with Jumbo Hotfix Take 103 or below"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "R81.20 with Jumbo Hotfix Take 141 or below"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "R81.10, R81, and R80.40"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Quantum Security Gateway", "source": "cna", "vendor": "checkpoint"}, "product": "quantum_security_gateway", "vendor": "checkpoint"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "R80.20.X, R81.10.X, and R82.00.X"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "product": "spark_firewalls", "vendor": "checkpoint"}], "created": "2026-06-08T12:30:23.837471+00:00", "updated": "2026-06-09T15:00:07.929264+00:00", "vendors": ["checkpoint", "checkpoint$PRODUCT$quantum_security_gateway", "checkpoint$PRODUCT$spark_firewalls"]}