criticalCISA KEVCVE-2026-50751

Check Point Security Gateway Improper Authentication Vulnerability

Check Point Security Gateway contains an improper authentication vulnerability in IKEv1 key exchange that could allow an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password.

ProductSecurity Gateway
CVSS9.3
EPSS0.70099
UpdatedJuly 9, 2026

Quick answer

Check Point Security Gateway should be reviewed and updated if it matches the affected versions. The recommended fix is to apply the vendor-supported patched version or the mitigation steps below, then retest the public website with Fixnx.

Who is affected

Affected versions

  • r81.20
  • r82
  • r82.10
  • r81.10.17
  • -
  • r82.00.10

Fixed versions

  • Apply the latest vendor-supported patched version.

How to fix it

Apply the Check Point hotfix or fixed gateway release for CVE-2026-50751 and reduce IKE/VPN exposure. If IKEv1 or affected remote-access paths are enabled, prioritize patching, log review, and credential hardening.

  1. Inventory Check Point Security Gateway and Quantum Gateway appliances with affected VPN or IKE configuration.
  2. Apply the Check Point advisory hotfix or upgrade to the fixed release for CVE-2026-50751.
  3. Disable IKEv1 where possible and migrate to stronger supported VPN configurations.
  4. Restrict VPN and management access to approved networks, certificate-based authentication, and MFA-protected users.
  5. Review VPN communities, gateway objects, rules, administrators, SIC trust, and remote-access configuration for unexpected changes.
  6. Inspect SmartConsole, gateway, VPN, and identity logs for anomalous negotiations or unauthorized sessions.
  7. Rotate administrator credentials, VPN certificates, pre-shared keys, and affected user credentials if suspicious activity is found.

Scan now. Google sign-in is only needed to unlock fix guidance.

Verify the fix

  • Confirm the gateway reports the fixed jumbo hotfix, take, or release level recommended by Check Point.
  • Validate IKEv1 is disabled or limited according to the approved exception list.
  • Review VPN logs for unexpected peers, authentication failures, or successful sessions during the vulnerable window.
  • Test legitimate VPN access after applying the fix and policy changes.
  • Run a Fixnx scan and confirm public exposure does not include unprotected gateway management surfaces.

Related categories

Trusted references

FAQ

What is affected by CVE-2026-50751?

Check Point Security Gateway versions listed as affected should be reviewed: r81.20, r82, r82.10, r81.10.17, -, r82.00.10.

What should I fix first?

Start with internet-facing sites, admin panels, login flows, plugins, themes, modules, packages, and systems that process user-controlled input or sensitive data.

How do I confirm the fix worked?

Apply the patched version or mitigation, clear caches where relevant, retest the affected workflow, and run a new Fixnx scan to verify public website exposure signals.

Why can this risk appear in multiple categories?

A vulnerability can belong to more than one platform or ecosystem. Fixnx keeps one canonical risk page while also listing it in every relevant category.