User Authentication Bypass in VPN Remote Access and Mobile Access_CVE-2026-50751

{
    "lastseen": "",
    "description": "A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password.",
    "published": "2026-06-08T11:07:15.746Z",
    "modified": "2026-06-08T16:20:11.403Z",
    "type": "cve",
    "title": "User Authentication Bypass in VPN Remote Access and Mobile Access",
    "source": "checkpoint",
    "references": "https://support.checkpoint.com/results/sk/sk185033",
    "id": "CVE-2026-50751",
    "bulletinFamily": "",
    "cwe": [
        "CWE-287"
    ],
    "cvelist": null,
    "sourceData": "checkpoint Quantum Security Gateway R82.10 with Jumbo Hotfix Take 19 or below\ncheckpoint Quantum Security Gateway R82 with Jumbo Hotfix Take 103 or below\ncheckpoint Quantum Security Gateway R81.20 with Jumbo Hotfix Take 141 or below\ncheckpoint Quantum Security Gateway R81.10, R81, and R80.40\ncheckpoint Spark Firewalls R80.20.X, R81.10.X, and R82.00.X",
    "sourceHref": "",
    "cvss": {
        "score": 9.3,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Quantum Security Gateway",
    "version": "R82.10 with Jumbo Hotfix Take 19 or below",
    "vendor": "checkpoint",
    "ai_description": "Unauthenticated remote attacker can bypass user authentication and establish a remote access VPN connection without a valid user password due to a logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange",
    "ai_severity": "Critical",
    "ai_vendor": "Checkpoint",
    "ai_product": "Quantum Security Gateway",
    "ai_version": "R82.10 with Jumbo Hotfix Take 19 or below, R82 with Jumbo Hotfix Take 103 or below, R81.20 with Jumbo Hotfix Take 141 or below, R81.10, R81, R80.40, Spark Firewalls R80.20.X, R81.10.X, R82.00.X",
    "ai_score": 9.3
}