CRITICAL🚩 CISA KEV⚡ EXPLOIT✓ PATCH🇵🇱 Wersja polska

CVE-2026-50751

CVSS 9.3v3.1pub. 2026-06-08upd. 2026-06-09

A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
  • Checkpoint Gaia Embedded

    OS
    Checkpoint
    r81.10.17r82.00.10r80.20.00 – r82.00.10 (bez)r80.20.00 – r81.10.17 (bez)
  • Checkpoint Gaia Os

    OS
    Checkpoint
    r81.20r82r82.10r80.40 – r81.20 (bez)
  • Checkpoint Quantum Spark 1530

    HW
    Checkpoint
    wszystkie wersje
  • Checkpoint Quantum Spark 1535

    HW
    Checkpoint
    wszystkie wersje
  • Checkpoint Quantum Spark 1550

    HW
    Checkpoint
    wszystkie wersje
  • Checkpoint Quantum Spark 1555

    HW
    Checkpoint
    wszystkie wersje
  • Checkpoint Quantum Spark 1570

    HW
    Checkpoint
    wszystkie wersje
  • Checkpoint Quantum Spark 1570r

    HW
    Checkpoint
    wszystkie wersje
  • Checkpoint Quantum Spark 1575

    HW
    Checkpoint
    wszystkie wersje
  • Checkpoint Quantum Spark 1575r

    HW
    Checkpoint
    wszystkie wersje
  • Checkpoint Quantum Spark 1590

    HW
    Checkpoint
    wszystkie wersje
  • Checkpoint Quantum Spark 1595r

    HW
    Checkpoint
    wszystkie wersje
  • Checkpoint Quantum Spark 1600

    HW
    Checkpoint
    wszystkie wersje
  • Checkpoint Quantum Spark 1800

    HW
    Checkpoint
    wszystkie wersje
  • Checkpoint Quantum Spark 1900

    HW
    Checkpoint
    wszystkie wersje
  • Checkpoint Quantum Spark 2000

    HW
    Checkpoint
    wszystkie wersje
  • Checkpoint Quantum Spark 2530

    HW
    Checkpoint
    wszystkie wersje
  • Checkpoint Quantum Spark 2550

    HW
    Checkpoint
    wszystkie wersje
  • Checkpoint Quantum Spark 2560

    HW
    Checkpoint
    wszystkie wersje
  • Checkpoint Quantum Spark 2570

    HW
    Checkpoint
    wszystkie wersje
  • Checkpoint Quantum Spark 2580

    HW
    Checkpoint
    wszystkie wersje
  • Checkpoint Quantum Spark 2590

    HW
    Checkpoint
    wszystkie wersje

CISA KEV — detailsi

Vendori
Check Point
Producti
Security Gateway
Added to KEVi
June 8, 2026
Remediation deadline (US Federal)i
June 11, 2026(overdue)
Ransomwarei
Active ransomware campaigns exploit this vulnerability
Required action (CISA)i

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

CISA descriptioni

Check Point Security Gateway contains an improper authentication vulnerability in IKEv1 key exchange that could allow an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
☠️WYKORZYSTYWANE W RANSOMWARECISA DEADLINE: 11 czerwca 2026
Tags
VPNAuth Bypass
CWE
References

Related vulnerabilities

CVE-2024-24914HIGH8.0ten sam produkt

Authenticated Gaia users can inject code or commands by global variables through special HTTP requests. A Secu...

CVE-2024-52885MEDIUM5.0ten sam produkt

The Mobile Access Portal's File Share application is vulnerable to a directory traversal attack, allowing an a...

CVE-2024-52888MEDIUM5.4ten sam produkt

For an authenticated end-user the portal may run a script while attempting to display a directory or some file...

CVE-2024-24911MEDIUM5.3ten sam produkt

In rare scenarios, the cpca process on the Security Management Server / Domain Management Server may exit unex...

CVE-2021-30361MEDIUM6.7ten sam produkt

The Check Point Gaia Portal's GUI Clients allowed authenticated administrators with permission for the GUI Cli...