> TritonInfoSec News
Home / Jun 09, 2026 / Story
0
#1 The Hacker News general June 08, 2026 at 14:17 UTC

Critical Check Point VPN Flaw Exploited to Bypass Passwords in IKEv1 Setups

By [email protected] (The Hacker News)

AI Summary

Check Point disclosed CVE-2026-50751 (CVSS 9.3), a critical logic flaw in certificate validation affecting Remote Access VPN and Mobile Access deployments using the deprecated IKEv1 protocol, allowing unauthenticated remote attackers to bypass passwords. Active exploitation has been traced back to early May, with a Qilin ransomware affiliate blamed for at least one confirmed incident. Administrators running IKEv1-configured Check Point gateways should patch immediately and consider migrating to IKEv2.

Read full article → https://thehackernews.com/2026/06/critical-check-p…

Relevance score: 92.0/100

# More from June 09

  1. 2
    One-Character Linux Kernel Flaw Enables Local Root Access, Exploits Now Public The Hacker News
  2. 3
    Meta Blocks NSO Group's New WhatsApp Phishing Attack, Files Contempt Order The Hacker News
  3. 4
    UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign The Hacker News
  4. 5
    New Shai-Hulud attack trojanizes 19 science-focused PyPI packages BleepingComputer
  5. 6
    VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances The Hacker News
  6. 7
    Critical UniFi OS bug lets hackers gain root without authentication BleepingComputer
  7. 8
    For the 2nd time in weeks, Microsoft packages laced with credential stealer Ars Technica Security
  8. 9
    Over 20,000 Instagram accounts stolen in Meta AI support hack BleepingComputer
  9. 10
    SolarWinds Serv-U Vulnerability Exploited in the Wild SecurityWeek