CVE-2026-50752
7.4
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Summary
A weakness in the certificate validation logic of the deprecated IKEv1 key exchange may allow an unauthenticated attacker positioned as a man-in-the-middle to bypass certificate validation in VPN site-to-site connections that use certificate-based authentication. Successful exploitation could allow interception or modification of traffic traversing the VPN tunnel.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| checkpoint | Quantum Security Gateway | R82.10 with Jumbo Hotfix Take 19 or below | affected |
| checkpoint | Quantum Security Gateway | R82 with Jumbo Hotfix Take 103 or below | affected |
| checkpoint | Quantum Security Gateway | R81.20 with Jumbo Hotfix Take 141 or below | affected |
| checkpoint | Quantum Security Gateway | R81.10, R81, and R80.40 | affected |
| checkpoint | Spark Firewalls | R80.20.X, R81.10.X, and R82.00.X | affected |
Weaknesses
- CWE-295: CWE-295: Improper Certificate Validation.
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.