Certificate Validation Bypass in VPN Site-to-Site Connections Using IKEv1
CVE-2026-50752

7.4HIGH

Key Information:

Vendor: Checkpoint
Status: Quantum Security Gateway; Spark Firewalls
Vendor: CVE Published:; 8 June 2026

What is CVE-2026-50752?

A weakness in the certificate validation logic of the deprecated IKEv1 key exchange may allow an unauthenticated attacker positioned as a man-in-the-middle to bypass certificate validation in VPN site-to-site connections that use certificate-based authentication. Successful exploitation could allow interception or modification of traffic traversing the VPN tunnel.

Affected Version(s)

Quantum Security Gateway R82.10 with Jumbo Hotfix Take 19 or below

Quantum Security Gateway R82 with Jumbo Hotfix Take 103 or below

Quantum Security Gateway R81.20 with Jumbo Hotfix Take 141 or below

References

https://support.checkpoint.com/results/sk/sk185035

CVSS V3.1

Score:

7.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 8, 2026
Vulnerability Reserved
Jun 7, 2026

CVE-2026-50752 Data

JSON

Checkpoint

What is CVE-2026-50752?

Affected Version(s)

References

CVSS V3.1

Timeline