Two vulnerabilities have been identified in Check Point Security Gateways and Remote Access VPN environments that use the outdated IKEv1 protocol. This protocol is used within IPsec (Internet Protocol Security) to establish secure connections between two parties, such as VPN clients and servers.
The vulnerabilities, CVE-2026-50751 and CVE-2026-50752, affect VPN authentication and certificate validation. These flaws allow attackers to gain access to VPN environments without valid authentication.
Check Point has confirmed that CVE-2026-50751 has been exploited as a zero-day vulnerability. In one instance, criminals reportedly used it to deploy ransomware.
The Dutch National Cyber Security Centre (NCSC) therefore expects large-scale exploitation of these vulnerabilities in the short term.