CISA KEV Alert 6/8/2026, 7:55:35 PM

CISA flags active Check Point VPN flaw CVE-2026-50751, urges fix

Evidence panel (CyberSIXT): source marked as original reporting
Primary source: cisa.gov
CISA KEV: listed in KEV
Patch status: unknown

CISA has added CVE‑2026‑50751 to its Known Exploited Vulnerabilities catalogue. The entry concerns Check Point’s Security Gateway product and describes an improper authentication vulnerability in the IKEv1 key exchange that could allow an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid password.

The flaw resides in the IKEv1 authentication mechanism, permitting an attacker who can reach the gateway to forge credentials and gain VPN access. The vulnerability has a CVSS score of 0.0, indicating a low severity according to the NVD metric, though the potential impact includes unauthorised network ingress. CISA notes that the patch status is currently unknown, although Check Point has published a hotfix advisory.

Active exploitation has been confirmed, which is the basis for the KEV inclusion. No ransomware campaign has been linked to this CVE to date. Federal civilian executive branch agencies must apply mitigations by the remediation due date of 2026‑06‑11.

CISA requires agencies to apply mitigations per vendor instructions, follow applicable BOD 22‑01 guidance for cloud services, or discontinue use of the product if mitigations cannot be applied. While the directive binds FCEB agencies, all organisations should review their exposure to Check Point Security Gateways and implement the recommended steps.

For full technical details, refer to the NVD entry at https://nvd.nist.gov/vuln/detail/CVE-2026-50751 and the CISA KEV catalogue.


Article by CyberSIXT
