TECH NEWS

A Qilin ransomware affiliate exploited a Check Point VPN zero-day for a month before a patch existed

https://media.thenextweb.com/2026/06/TNW-Article-Banner-1.avif

TL;DR

Check Point patched a critical VPN zero-day (CVE-2026-50751) exploited since May 7 by a Qilin ransomware affiliate targeting dozens of organisations.

Check Point has disclosed and patched a critical zero-day vulnerability in its Remote Access VPN and Mobile Access products that a Qilin ransomware affiliate exploited for roughly a month before a fix was available. The flaw, tracked as CVE-2026-50751 with a CVSS score of 9.3, allows an unauthenticated attacker to bypass password authentication entirely and establish a VPN session by exploiting a logic error in certificate validation.

The vulnerability affects VPN deployments configured to use IKEv1, a deprecated key exchange protocol that Check Point still supports for legacy remote access clients. The company said in a security advisory published on Sunday that it first detected suspicious activity on 4 June, but the earliest confirmed exploitation dates to 7 May. Attacks have ramped up significantly this month.

Check Point...

Copyright of this story solely belongs to thenextweb.com. To see the full text click HERE

Read more