CVE-2026-50751
CISA KEV ActiveTitle: IKEv1 Remote Access VPN Authentication Bypass
Auth Bypass
Proof Of Concept
PoC Available for CVE-2026-50751
CWE Category
CWE-287
Published Date
Jun 08, 2026
Modified Date
Jun 09, 2026
Exploit Status
Available
Score
9.3
CVSS v
Exploit Probability (EPSS)
41.15%
Vulnerability Summary
CVE-2026-50751: A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password.
Impacted Vendors
Reference Links
CVSS v3.1
Source Entity
134c704f-9b21-4f2e-91b3-4a467353bcc0
Severity
CRITICAL
9.3
Attack Vector
NETWORK
Complexity
LOW
Privileges
N/A
Interaction
NONE
Confidentiality
N/A
Integrity
N/A
Availability
N/A
Scope
CHANGED
RAW VECTOR
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
Associated Attack Patterns (CAPEC)
Total: PatternsNo specific attack patterns mapped.
Likelihood
Severity
Page /
CVE-2026-50751 Exploits & PoCs (Proof Of Concept)
GitHub
https://github.com/WadesWeaponShed/CVE-2026-50751-Mitigation-Scripts
GitHub
https://github.com/0xBlackash/CVE-2026-50751
GitHub
https://github.com/fevar54/CVE-2026-50751---Check-Point-IKEv1-Authentication-Bypass-Exploit
GitHub
https://github.com/watchtowrlabs/watchTowr-vs-Check-Point-CVE-2026-50751
MODIFIED
Vulnerability data updated via NVD.
MODIFIED
Vulnerability data updated via NVD.
MODIFIED
Vulnerability data updated via NVD.
MODIFIED
Vulnerability data updated via NVD.
MODIFIED
Vulnerability data updated via NVD.
MODIFIED
Vulnerability data updated via NVD.
MODIFIED
Vulnerability data updated via NVD.
Attack Vector Matrix
Access Vector
NETWORK
Complexity
LOW
Privileges
N/A
Interaction
NONE
CVSS Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
Affected Stack
No specific products linked.