Check Point Harmony SASE Exposed Log Files via Insecure SFTP Key Permissions
Vulnerability
A vulnerability in the Harmony SASE agent allowed log files uploaded during troubleshooting to be accessed by unauthorized parties. These logs could have contained temporary authentication tokens. The issue arose because the agent used a shared SFTP key embedded in the software to upload diagnostic logs. That key was granted permission to read and list files on the server, rather than being restricted to upload-only access. Consequently, anyone who extracted the key from the agent could read log files uploaded by other customers.
Impact
Unauthorized parties could access the exposed log files, which could contain temporary authentication tokens.
Remediation
The SFTP key's permissions have been downgraded to write-only. No action is required on the customer side.
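As an added example (not Check Point's code or configuration), the check below audits an OpenSSH sshd_config for a log-upload account and reports whether its SFTP access is limited to writing, i.e. whether the "read and list" permission described above has actually been removed. It assumes the upload server uses OpenSSH's internal-sftp; the account name `logdrop` and both configs are constructed for the demonstration.

```python
# Added example, not Check Point's code. Assumes an OpenSSH server using
# internal-sftp; the user name and both configs below are constructed.
import shlex

# SFTP request types that let a client download or enumerate other uploads.
READ_REQUESTS = {"read", "opendir", "readdir"}


def match_block(config: str, user: str) -> list[str]:
    """Return the directives inside the `Match User <user>` block (if any)."""
    lines, inside = [], False
    for raw in config.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split()
        if parts[0].lower() == "match":        # a new Match line ends the block
            inside = (len(parts) >= 3 and parts[1].lower() == "user"
                      and user in parts[2].split(","))
            continue
        if inside:
            lines.append(line)
    return lines


def audit_upload_account(config: str, user: str) -> list[str]:
    """Return findings; an empty list means the account is write-only."""
    directives = {}
    for line in match_block(config, user):
        key, value = (line.split(None, 1) + [""])[:2]
        directives[key.lower()] = value.strip()
    if not directives:
        return [f"no Match block for {user}: account has full shell/SFTP access"]
    findings = []
    if "chrootdirectory" not in directives:
        findings.append("no ChrootDirectory: whole filesystem reachable over SFTP")
    cmd = shlex.split(directives.get("forcecommand", ""))
    if not cmd or cmd[0] != "internal-sftp":
        findings.append("ForceCommand internal-sftp not set: key may get a shell")
        return findings
    denied, allowed = set(), None
    for flag, value in zip(cmd, cmd[1:]):   # -P denylist / -p allowlist
        if flag == "-P":
            denied.update(value.split(","))
        elif flag == "-p":
            allowed = set(value.split(","))
    exposed = READ_REQUESTS & allowed if allowed is not None else READ_REQUESTS - denied
    if exposed:
        findings.append("SFTP requests still allowed: " + ", ".join(sorted(exposed)))
    return findings


# Constructed configs: the first mirrors the flaw above (the shared key can read
# and list every upload); the second is a write-only drop box.
WEAK_CONFIG = """
Match User logdrop
    ChrootDirectory /srv/logdrop
    ForceCommand internal-sftp
"""
HARDENED_CONFIG = """
Match User logdrop
    ChrootDirectory /srv/logdrop
    ForceCommand internal-sftp -P read,opendir,readdir,remove,rename,rmdir
"""
```

Denying `remove`, `rename` and `rmdir` as well stops one upload from deleting or renaming another; the three entries in `READ_REQUESTS` are the ones that matter for confidentiality.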
