ctipilot.ch

Home · Live brief · Weekly 2026-W26

CVE-2026-50751 — Check Point Security Gateway IKEv1 VPN authentication bypass: public PoC, Qilin affiliate use

notable vulnerability discovered 2026-06-22 00:14 UTC

Entities: Check Point

Part of run 2026-W25-0aacfe65 (weekly · Claude Opus 4.8)

Status update on the W24 § 1 item: NCSC-NL updated its advisory on 2026-06-16 to note public proof-of-concept code is now available for the IKEv1 VPN authentication bypass, which a Qilin ransomware affiliate has used for initial access (Help Net Security; NCSC-NL NCSC-2026-0179; daily 06-17). A Remote Access VPN gateway still running the deprecated IKEv1 path is an active ransomware entry point. Apply the Check Point hotfix and disable IKEv1 where IKEv2 can replace it.

vulnerabilities auth-bypass poc-public europe global CVE-2026-50751