CISA has ordered U.S. federal agencies to patch Check Point Remote Access VPN and Mobile Access deployments after a critical zero-day vulnerability, CVE-2026-50751, was exploited in attacks linked to Qilin ransomware affiliates. Check Point said the flaw affects certain IKEv1-based configurations and urged immediate updates or mitigations to block unauthorized VPN access.
Key points
- CVE-2026-50751 lets unauthenticated attackers bypass VPN authentication.
- The flaw impacts certain Check Point Mobile Access, SSL VPN, Remote Access VPN, and Spark firewalls.
- Only deployments using deprecated IKEv1 and legacy remote access settings are affected.
- Check Point released fixes and said attacks began on May 7 and increased over the weekend.
- CISA added the flaw to the KEV Catalog and ordered federal agencies to patch by June 11.