topic CVE-2026-50751-Mitigation-Scripts in Automation and APIs https://community.checkpoint.com/t5/Automation-and-APIs/CVE-2026-50751-Mitigation-Scripts/m-p/278026#M25 <P>This is more for MDS customers than it is for SMS but I did include the one line for SMS even though you just need to click one box in the GUI. I'm a cli guy so I like it.&nbsp;</P> <P>I have since updated this to do either mitigation 1 or 2 automatically. So there are scripts to turn off the legacy check box or to turn off ikev1</P> <P>The legacy check box is through generic object but I tested on my SMS with multiple gateways and it worked great. Use at own risk though because of generic object.</P> <P>MDS this will make the global change to ike v2 on all Domains for you. Quicker than open close. Please note changing to ike v2 is mitigation step 2 and you should make sure you read&nbsp;<A href="https://support.checkpoint.com/results/sk/sk166415" target="_blank" rel="noopener">https://support.checkpoint.com/results/sk/sk166415</A>&nbsp;before making that switch.</P> <P>I am working on scripts to do the per-gateway mitigation of disabling legacy clients.</P> <P><A href="https://github.com/WadesWeaponShed/CVE-2026-50751-Mitigation-Scripts" target="_blank" rel="noopener">https://github.com/WadesWeaponShed/CVE-2026-50751-Mitigation-Scripts</A></P> <P>&nbsp;</P> <P>&nbsp;</P> Mon, 08 Jun 2026 16:12:58 GMT Adam_Forester 2026-06-08T16:12:58Z CVE-2026-50751-Mitigation-Scripts https://community.checkpoint.com/t5/Automation-and-APIs/CVE-2026-50751-Mitigation-Scripts/m-p/278026#M25 <P>This is more for MDS customers than it is for SMS but I did include the one line for SMS even though you just need to click one box in the GUI. I'm a cli guy so I like it.&nbsp;</P> <P>I have since updated this to do either mitigation 1 or 2 automatically. So there are scripts to turn off the legacy check box or to turn off ikev1</P> <P>The legacy check box is through generic object but I tested on my SMS with multiple gateways and it worked great. Use at own risk though because of generic object.</P> <P>MDS this will make the global change to ike v2 on all Domains for you. Quicker than open close. Please note changing to ike v2 is mitigation step 2 and you should make sure you read&nbsp;<A href="https://support.checkpoint.com/results/sk/sk166415" target="_blank" rel="noopener">https://support.checkpoint.com/results/sk/sk166415</A>&nbsp;before making that switch.</P> <P>I am working on scripts to do the per-gateway mitigation of disabling legacy clients.</P> <P><A href="https://github.com/WadesWeaponShed/CVE-2026-50751-Mitigation-Scripts" target="_blank" rel="noopener">https://github.com/WadesWeaponShed/CVE-2026-50751-Mitigation-Scripts</A></P> <P>&nbsp;</P> <P>&nbsp;</P> Mon, 08 Jun 2026 16:12:58 GMT https://community.checkpoint.com/t5/Automation-and-APIs/CVE-2026-50751-Mitigation-Scripts/m-p/278026#M25 Adam_Forester 2026-06-08T16:12:58Z