CVE-2026-50752

HIGH7.4/ 10.0
Share:
Published: June 8, 2026 at 12:16 PM
Modified: June 17, 2026 at 10:57 AM
Source: cve@checkpoint.com

Vulnerability Description

A weakness in the certificate validation logic of the deprecated IKEv1 key exchange may allow an unauthenticated attacker positioned as a man-in-the-middle to bypass certificate validation in VPN site-to-site connections that use certificate-based authentication. Successful exploitation could allow interception or modification of traffic traversing the VPN tunnel.

CVSS Metrics

Base Score
7.4
Severity
HIGH
Vector String
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Weaknesses (CWE)

Source: cve@checkpoint.com