A critical vulnerability in Check Point Remote Access VPN, Mobile Access, and Spark Firewall products allows attackers to bypass authentication and establish unauthorized VPN connections through a logic error in IKEv1 certificate validation. The flaw carries a CVSS score of 9.3 and is currently being actively exploited in the wild.

Why it matters in Western Canada: Western Canadian organizations across government, healthcare, and finance sectors commonly deploy Check Point VPN gateways for secure remote access. Active exploitation of this authentication bypass poses immediate risk to sensitive data and critical infrastructure access.

CVEs: CVE-2026-50751

---

Summary generated from the original advisory. Read the full source: arctic-wolf