CVE-2026-48131

Summary

The VPN service may mishandle an unexpected IKE fragment value received on the IKE port 500/UDP during the early stage of a connection attempt. This can cause the service to terminate unexpectedly, resulting in denial of service (temporary disruption of VPN-related functionality).

Affected Software

VendorProductVersion RangeStatus
checkpointQuantum Security GatewayR82.10 with Jumbo Hotfix Take 6 or belowaffected
checkpointQuantum Security GatewayR82 with Jumbo Hotfix Take 91 or belowaffected
checkpointQuantum Security GatewayR81.20 with Jumbo Hotfix Take 127 or belowaffected
checkpointQuantum Security GatewayAll releases from R81.10 and belowaffected

Weaknesses

  • CWE-122: CWE-122: Heap-based Buffer Overflow

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References