CVE-2026-50752

CVSS Score & Metrics

Base Score

7.4 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N                                    

Vulnerability Description

A weakness in the certificate validation logic of the deprecated IKEv1 key exchange may allow an unauthenticated attacker positioned as a man-in-the-middle to bypass certificate validation in VPN site-to-site connections that use certificate-based authentication. Successful exploitation could allow interception or modification of traffic traversing the VPN tunnel.

Vulnerability Details

Published Date

June 08, 2026

Last Modified

June 08, 2026

CWE ID

CWE-295

Source

NVD

Vendor

checkpoint

Product

Quantum Security Gateway, Spark Firewalls

External References

https://support.checkpoint.com/results/sk/sk185035

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment