Unauthorized File Access in Check Point Security Gateway with Identity Awareness Blade Enabled
CVE-2026-48133

7.5HIGH

Key Information:

Vendor: Checkpoint
Status: Quantum Security Gateway
Vendor: CVE Published:; 26 May 2026

What is CVE-2026-48133?

The Security Gateway from Check Point experiences a vulnerability when the Identity Awareness blade is enabled with Browser-Based Authentication. This flaw allows an unauthenticated user to access and potentially read confidential internal files stored within the Security Gateway. Organizations utilizing this product should implement immediate remediation steps to safeguard sensitive data from unauthorized exposure.

Affected Version(s)

Quantum Security Gateway R82.10 with Jumbo Hotfix Take 6 or below

Quantum Security Gateway R82 with Jumbo Hotfix Take 91 or below

Quantum Security Gateway R81.20 with Jumbo Hotfix Take 127 or below

References

https://support.checkpoint.com/results/sk/sk184993

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 26, 2026
Vulnerability Reserved
May 20, 2026

CVE-2026-48133 Data

JSON

Checkpoint

What is CVE-2026-48133?

Affected Version(s)

References

CVSS V3.1

Timeline