Check Point has patched CVE-2026-50751, a critical authentication bypass flaw in Remote Access VPN and Mobile Access deployments that was actively exploited in zero-day attacks. The company also discovered CVE-2026-50752, a related IKEv1 certificate validation issue that could enable man-in-the-middle attacks on site-to-site VPN connections. #CheckPoint #CVE-2026-50751 #CVE-2026-50752 #Qilin
Keypoints
- Check Point fixed CVE-2026-50751 in Remote Access VPN and Mobile Access deployments.
- The flaw lets unauthenticated attackers bypass authentication and establish VPN access.
- Exploitation was limited to a few dozen organizations worldwide.
- At least one incident was linked to a Qilin ransomware affiliate.
- Check Point also disclosed CVE-2026-50752, a related IKEv1 certificate validation issue.