A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:NCheckpoint Gaia Embedded
OSCheckpointr81.10.17r82.00.10r80.20.00 – r82.00.10 (bez)r80.20.00 – r81.10.17 (bez)Checkpoint Gaia Os
OSCheckpointr81.20r82r82.10r80.40 – r81.20 (bez)Checkpoint Quantum Spark 1530
HWCheckpointwszystkie wersjeCheckpoint Quantum Spark 1535
HWCheckpointwszystkie wersjeCheckpoint Quantum Spark 1550
HWCheckpointwszystkie wersjeCheckpoint Quantum Spark 1555
HWCheckpointwszystkie wersjeCheckpoint Quantum Spark 1570
HWCheckpointwszystkie wersjeCheckpoint Quantum Spark 1570r
HWCheckpointwszystkie wersjeCheckpoint Quantum Spark 1575
HWCheckpointwszystkie wersjeCheckpoint Quantum Spark 1575r
HWCheckpointwszystkie wersjeCheckpoint Quantum Spark 1590
HWCheckpointwszystkie wersjeCheckpoint Quantum Spark 1595r
HWCheckpointwszystkie wersjeCheckpoint Quantum Spark 1600
HWCheckpointwszystkie wersjeCheckpoint Quantum Spark 1800
HWCheckpointwszystkie wersjeCheckpoint Quantum Spark 1900
HWCheckpointwszystkie wersjeCheckpoint Quantum Spark 2000
HWCheckpointwszystkie wersjeCheckpoint Quantum Spark 2530
HWCheckpointwszystkie wersjeCheckpoint Quantum Spark 2550
HWCheckpointwszystkie wersjeCheckpoint Quantum Spark 2560
HWCheckpointwszystkie wersjeCheckpoint Quantum Spark 2570
HWCheckpointwszystkie wersjeCheckpoint Quantum Spark 2580
HWCheckpointwszystkie wersjeCheckpoint Quantum Spark 2590
HWCheckpointwszystkie wersje
CISA KEV — detailsi
- Vendori
- Check Point
- Producti
- Security Gateway
- Added to KEVi
- June 8, 2026
- Remediation deadline (US Federal)i
- June 11, 2026(overdue)
- Ransomwarei
- Active ransomware campaigns exploit this vulnerability
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Check Point Security Gateway contains an improper authentication vulnerability in IKEv1 key exchange that could allow an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password.
Related vulnerabilities
Authenticated Gaia users can inject code or commands by global variables through special HTTP requests. A Secu...
The Mobile Access Portal's File Share application is vulnerable to a directory traversal attack, allowing an a...
For an authenticated end-user the portal may run a script while attempting to display a directory or some file...
In rare scenarios, the cpca process on the Security Management Server / Domain Management Server may exit unex...
The Check Point Gaia Portal's GUI Clients allowed authenticated administrators with permission for the GUI Cli...