Local Credential Caching Flaw in Check Point VPN-1 SecuRemote for Windows
CVE-2008-0662
7.8HIGH
Summary
The Auto Local Logon feature in Check Point's VPN-1 SecuRemote/SecureClient NGX versions R60 and R56 for Windows has a security flaw that allows local users to exploit overly permissive access rights. The vulnerability stems from the fact that credentials are cached under the Checkpoint\SecuRemote registry key, which permits 'Everyone' full control permissions. Consequently, unauthorized local users can read and reuse compromised credentials to gain elevated privileges within the system. Organizations using this software should take immediate action to mitigate potential risks.
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved