Checkpoint VPN IKE Fragment Value DoS Vulnerability
CVE-2026-48131 Published on May 26, 2026
VPND IKE Fragment Reassembly - Heap Out-of-Bounds Write via Sequence Number Zero
The VPN service may mishandle an unexpected IKE fragment value received on the IKE port 500/UDP during the early stage of a connection attempt. This can cause the service to terminate unexpectedly, resulting in denial of service (temporary disruption of VPN-related functionality).
Vulnerability Analysis
CVE-2026-48131 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.
Weakness Type
Heap-based Buffer Overflow
A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
Products Associated with CVE-2026-48131
Affected Versions
Check Point Quantum Security Gateway:
- Version R82.10 with Jumbo Hotfix Take 6 or below is affected.
- Version R82 with Jumbo Hotfix Take 91 or below is affected.
- Version R81.20 with Jumbo Hotfix Take 127 or below is affected.
- All releases from R81.10 and below are affected.