Checkpoint's SecureClient reveals logon information
There is a vulnerability in the "Auto Local Logon" option of Checkpoint's SecureClient, which allows users to obtain the VPN logon information of other system users. The application stores credentials in the registry (HKLM\Software\Checkpoint\SecuRemote), without setting proper access rights. These may therefore be viewed by anyone. Systems affected are VPN-1 SecuRemote/SecureClient NGX R60 and NGAI R56 for Windows. An update fixes the problem.
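The following PowerShell check is an added example, not part of the original advisory or the vendor's tooling: it reports which broad groups are allowed to read values under the key named above, so an administrator can confirm the exposure before and after updating. The function name `Get-BroadRegistryReaders` and the list of principals treated as "broad" are assumptions of this example.

```powershell
# Added example: audit read access on the key named in the advisory.
# It inspects the ACL only and does not read any stored values.
$KeyPath = 'HKLM:\Software\Checkpoint\SecuRemote'   # path from the advisory

# Assumption: these well-known SIDs count as "anyone on the system".
# SIDs are used so the check is independent of the OS display language.
$BroadSids = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-4'      = 'INTERACTIVE'
    'S-1-5-32-545' = 'BUILTIN\Users'
}

function Get-BroadRegistryReaders {
    param([Parameter(Mandatory)][string]$Path)

    if (-not (Test-Path -Path $Path)) {
        Write-Warning "Key not found: $Path"
        return
    }

    $acl         = Get-Acl -Path $Path
    $queryValues = [System.Security.AccessControl.RegistryRights]::QueryValues
    $inheritOnly = [System.Security.AccessControl.PropagationFlags]::InheritOnly
    $allow       = [System.Security.AccessControl.AccessControlType]::Allow

    # Explicit and inherited rules, with identities returned as SIDs.
    $rules = $acl.GetAccessRules($true, $true,
        [System.Security.Principal.SecurityIdentifier])

    foreach ($rule in $rules) {
        # Inherit-only entries apply to subkeys, not to this key itself.
        if (($rule.PropagationFlags -band $inheritOnly) -ne 0) { continue }
        if ($rule.AccessControlType -ne $allow) { continue }
        if (($rule.RegistryRights -band $queryValues) -eq 0) { continue }

        $sid = $rule.IdentityReference.Value
        if ($BroadSids.ContainsKey($sid)) {
            [pscustomobject]@{
                Key       = $Path
                Principal = $BroadSids[$sid]
                Rights    = $rule.RegistryRights
                Inherited = $rule.IsInherited
            }
        }
    }
}

Get-BroadRegistryReaders -Path $KeyPath | Format-Table -AutoSize
```

Any row in the output means that group can query values under the key; an empty result means none of the listed groups has an applicable allow entry for reading values.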
See also:
- SecuRemote/SecureClient NGX R60 HFA_02 Supplement 2 protects against Auto Local Logon vulnerability, advisory from Checkpoint.
(ehe)