Exposures › CVE-2026-50751
Check Point Security Gateway allows unauthenticated attackers to bypass VPN authentication via an IKEv1 key exchange flaw.
This critical vulnerability enables remote attackers to establish VPN connections without valid credentials, directly undermining the integrity of remote access systems. For DIB organizations, this creates a high-risk exposure for sensitive data and violates FedRAMP/NIST 800-171 requirements for proper authentication mechanisms. Immediate patching and network segmentation are required to mitigate the risk of unauthorized access.
Shame score — A critical authentication bypass in a widely deployed security product that allows unauthenticated remote access to VPN connections.
Check Point Security Gateway contains an improper authentication vulnerability in IKEv1 key exchange that could allow an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password.
No correlated FedRAMP products.