CVE-2026-50752 PUBLISHED

Certificate Validation Bypass in VPN Site-to-Site Connections Using IKEv1

Assigner: checkpoint
Reserved: 07.06.2026 Published: 08.06.2026 Updated: 08.06.2026

A weakness in the certificate validation logic of the deprecated IKEv1 key exchange may allow an unauthenticated attacker positioned as a man-in-the-middle to bypass certificate validation in VPN site-to-site connections that use certificate-based authentication. Successful exploitation could allow interception or modification of traffic traversing the VPN tunnel.

Metrics

CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
CVSS Score: 7.4

Product Status

Vendor checkpoint
Product Quantum Security Gateway
Versions
  • Version R82.10 with Jumbo Hotfix Take 19 or below is affected
  • Version R82 with Jumbo Hotfix Take 103 or below is affected
  • Version R81.20 with Jumbo Hotfix Take 141 or below is affected
  • Versions R81.10, R81, and R80.40 are affected
Vendor checkpoint
Product Spark Firewalls
Versions
  • Versions R80.20.X, R81.10.X, and R82.00.X are affected

Problem Types

  • CWE-295: Improper Certificate Validation