Certificate Validation Bypass in VPN Site-to-Site Connections Using IKEv1

Description

A weakness in the certificate validation logic of the deprecated IKEv1 key exchange may allow an unauthenticated attacker positioned as a man-in-the-middle to bypass certificate validation in VPN site-to-site connections that use certificate-based authentication. Successful exploitation could allow interception or modification of traffic traversing the VPN tunnel.

Affected Products

Vendor	Product	Versions
checkpoint	quantum security gateway	R82.10 with Jumbo Hotfix Take 19 or below, R82 with Jumbo Hotfix Take 103 or below, R81.20 with Jumbo Hotfix Take 141 or below, R81.10, R81, and R80.40, R80.20.X, R81.10.X, and R82.00.X

References

https://support.checkpoint.com/results/sk/sk185035

Related News (2 articles)

Tier D

BleepingComputer5h ago

Check Point links VPN zero-day attacks to Qilin ransomware gang

→ No new info (linked only)

Tier C

VulDB6h ago

CVE-2026-50752 | Check Point Quantum Security Gateway/Spark Firewalls certificate validation

→ No new info (linked only)

CVSS 3.17.4 HIGH

VectorCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CISA KEV❌ No

Actively exploited❌ No

CWECWE-295

PublishedJun 8, 2026

Last enriched4h agov2

Trending Score38

Source articles2

Independent2

Info Completeness8/14

Missing: epss, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

Version History

Last enriched 4h ago

v2Tier D4h ago

Updated description with new details about critical authentication bypass vulnerability and confirmed active exploitation linked to the Qilin ransomware gang.

description

via BleepingComputer

v15h ago

Initial creation

Certificate Validation Bypass in VPN Site-to-Site Connections Using IKEv1

Description

Affected Products

References

Related News (2 articles)

Community Vote

Related CVEs (2)

Pin to Dashboard

Verification

Vulnerability Timeline

Version History