Primary

Context

Check Point Identity Agent for Windows Terminal Server Security Policy Information Disclosure Vulnerability

Vulnerability

Patched

A vulnerability exists in Check Point Identity Agent for Windows Terminal Server, specifically in versions R81.10, R81.20, and R82. An authenticated local user can access sensitive information in the Windows Registry that allows them to claim security policy rules assigned to another user. This issue affects both version 1 (MUH1) and version 2 (MUH2) of the Identity Agent for Terminal Server.

Impact

Exploitation of this vulnerability could lead to unauthorized access to security policy resources assigned to different users.

Remediation

Users can upgrade to Identity Agent for a Terminal Server version 81.084.0000 or later. The latest version can be downloaded from Check Point's support site (sk134312).

Added: Dec 22, 2025, 8:17 AM

Updated: Dec 22, 2025, 8:17 AM

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

1.3

exploitability

3.3

remediation

7.7

relevance

1.6

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

1.3

exploitability

3.3

remediation

7.7

relevance

1.6

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Check Point Identity Agent for Windows Terminal Server Security Policy Information Disclosure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Check Point Identity Agent

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating