Check Point VPN IKEv1 Certificate Validation Bypass Vulnerability Allowing Traffic Interception or Modification

Vulnerability

A vulnerability exists in the certificate validation process of the outdated IKEv1 key exchange, potentially allowing an unauthenticated attacker to act as a man-in-the-middle. This could enable the attacker to bypass certificate validation in VPN site-to-site connections that rely on certificate-based authentication. Exploitation of this vulnerability could lead to the interception or alteration of traffic passing through the VPN tunnel.

Impact

Exploitation could allow for the interception or modification of VPN traffic.

Added: Jun 8, 2026, 12:23 PM

Updated: Jun 8, 2026, 12:23 PM

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

5.0

exploitability

5.9

remediation

8.3

relevance

9.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

5.0

exploitability

5.9

remediation

8.3

relevance

9.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Check Point VPN IKEv1 Certificate Validation Bypass Vulnerability Allowing Traffic Interception or Modification

Vulnerability

Impact

Affected Products

Check Point

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating