Local Credential Caching Flaw in Check Point VPN-1 SecuRemote for Windows
CVE-2008-0662

7.8HIGH

Key Information:

Vendor
Checkpoint
Status
Vpn-1 Secureclient
Vendor
CVE Published:
8 February 2008

Summary

The Auto Local Logon feature in Check Point's VPN-1 SecuRemote/SecureClient NGX versions R60 and R56 for Windows has a security flaw that allows local users to exploit overly permissive access rights. The vulnerability stems from the fact that credentials are cached under the Checkpoint\SecuRemote registry key, which permits 'Everyone' full control permissions. Consequently, unauthorized local users can read and reuse compromised credentials to gain elevated privileges within the system. Organizations using this software should take immediate action to mitigate potential risks.

References

http://securityreason.com/securityalert/3627
third-party-advisoryx_refsource_SREASON
http://www.securityfocus.com/bid/27675
vdb-entryx_refsource_BID
https://usercenter.checkpoint.com/usercenter/portal/user/...
x_refsource_CONFIRM

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.