{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-50752","assignerOrgId":"897c38be-0345-43cd-b6cf-fe179e0c4f45","state":"PUBLISHED","assignerShortName":"checkpoint","dateReserved":"2026-06-07T09:42:08.252Z","datePublished":"2026-06-08T11:00:38.563Z","dateUpdated":"2026-06-10T13:36:24.946Z"},"containers":{"cna":{"affected":[{"product":"Quantum Security Gateway","vendor":"checkpoint","versions":[{"status":"affected","version":"R82.10 with Jumbo Hotfix Take 19 or below"},{"status":"affected","version":"R82 with Jumbo Hotfix Take 103 or below"},{"status":"affected","version":"R81.20 with Jumbo Hotfix Take 141 or below"},{"status":"affected","version":"R81.10, R81, and R80.40"}]},{"product":"Spark Firewalls","vendor":"checkpoint","versions":[{"status":"affected","version":"R80.20.X, R81.10.X, and R82.00.X"}]}],"title":"Certificate Validation Bypass in VPN Site-to-Site Connections Using IKEv1","descriptions":[{"lang":"en","value":"A weakness in the certificate validation logic of the deprecated IKEv1 key exchange may allow an unauthenticated attacker positioned as a man-in-the-middle to bypass certificate validation in VPN site-to-site connections that use certificate-based authentication. Successful exploitation could allow interception or modification of traffic traversing the VPN tunnel."}],"problemTypes":[{"descriptions":[{"cweId":"CWE-295","description":"CWE-295: Improper Certificate Validation.","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"897c38be-0345-43cd-b6cf-fe179e0c4f45","shortName":"checkpoint","dateUpdated":"2026-06-08T11:00:38.563Z"},"references":[{"url":"https://support.checkpoint.com/results/sk/sk185035"}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV3_1":{"version":"3.1","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE","baseScore":7.4,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}}]},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-06-09T03:55:37.901004Z","id":"CVE-2026-50752","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-06-10T13:36:24.946Z"}}]}}