AI description
CVE-2026-50752 describes a weakness found in the certificate validation logic of the deprecated IKEv1 key exchange protocol. This flaw could enable an unauthenticated attacker, positioned as a man-in-the-middle, to bypass certificate validation in VPN site-to-site connections that rely on certificate-based authentication. Successful exploitation of this vulnerability could allow for the interception or modification of traffic traversing the affected VPN tunnel. This vulnerability was identified during an investigation into a separate critical flaw, CVE-2026-50751. While Check Point has not observed active exploitation of CVE-2026-50752 in the wild, they recommend applying updates to mitigate potential exposure.
- Description
- A weakness in the certificate validation logic of the deprecated IKEv1 key exchange may allow an unauthenticated attacker positioned as a man-in-the-middle to bypass certificate validation in VPN site-to-site connections that use certificate-based authentication. Successful exploitation could allow interception or modification of traffic traversing the VPN tunnel.
- Source
- cve@checkpoint.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 7.4
- Impact score
- 5.2
- Exploitability score
- 2.2
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
- Severity
- HIGH
- cve@checkpoint.com
- CWE-295
- Hype score
- Not currently trending
Qilin ransomware affiliates are reportedly weaponizing vulnerable Check Point VPN deployments to gain initial access. CVE-2026-50751 and CVE-2026-50752 affect Check Point Mobile Access, SSL VPN, Remote Access VPN, Spark Firewall, and Security Gateways. Apply the latest hotfixes
@SecPod
12 Jun 2026
57 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#threatreport #LowCompleteness Critical Check Point VPN Zero-Day Exploited in the Wild (CVE-2026-50751) | 08-06-2026 Source: https://t.co/QCSc0HAzg6 Key details below ↓ 💀Threats: Qilin_ransomware, Mitm_technique, 🎯Victims: Organizations 🔓CVEs: CVE-2026-50752 https:/
@rst_cloud
9 Jun 2026
192 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Check Point disclosed CVE-2026-50751, a critical VPN auth bypass exploited as a zero-day since May 7. Related flaw CVE-2026-50752 also fixed; CISA added the issue to KEV. #CheckPoint #Qilin #KEV https://t.co/xqG300rVbi
@TweetThreatNews
9 Jun 2026
120 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Detailed Analysis for CVE-2026-50752 (Certificate Validation Bypass in VPN Site-to-Site Connections Using IKEv1) Stop guessing the risk. The technical details are ready. 🔥 $5 Special Trial to celebrate our CVE Feed launch! 🔗 https://t.co/D1gi0NOd2a Critical Risk http
@darkeye_team
9 Jun 2026
342 Impressions
2 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2026-50752: Certificate Validation Bypass in VPN Site-to-Site Connections Using IKEv1 Critical Vulnerability Alert! Check Point VPN is affected by CVE-2026-50752. Full Vulnerability Details & Analysis at DarkEye: 🔗 https://t.co/otPY2a5til 🔍 Identify Targets
@zoomeye_team
9 Jun 2026
3438 Impressions
18 Retweets
35 Likes
19 Bookmarks
0 Replies
0 Quotes
Check Point VPN CVE-2026-50751 (CVSS 9.3): Qilin ransomware exploited IKEv1 auth bypass for a month before patch. Second CVE-2026-50752 for site-to-site MITM. Patch now.
@BunSnack
9 Jun 2026
6 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Check Point says CVE-2026-50751 is actively exploited to bypass auth in deprecated IKEv1 VPN setups, affecting Remote Access and Mobile Access deployments. CVE-2026-50752 may enable AitM attacks. #CheckPoint #Qilin #VPN https://t.co/76trqOvAX6
@TweetThreatNews
8 Jun 2026
201 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Check Point patched CVE-2026-50751, a critical VPN auth bypass used in zero-day attacks, and found CVE-2026-50752, an IKEv1 flaw tied to Qilin ransomware activity. #CheckPoint #Qilin #VPN https://t.co/ndUapFuQy2
@TweetThreatNews
8 Jun 2026
202 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes