Check Point has issued a warning about a critical zero-day vulnerability (CVE-2026-50751) in its Remote Access VPN and Mobile Access solutions that is being actively exploited. The flaw allows attackers to bypass user authentication by exploiting a logic weakness in certificate validation related to the deprecated IKEv1 key exchange protocol. Since May 7, the vulnerability has been exploited by a group associated with the Qilin ransomware, targeting various organizations globally.
Check Point also discovered another vulnerability (CVE-2026-50752), which is not currently exploited but could allow man-in-the-middle attacks. Customers are urged to apply updates to mitigate these threats.