Primary

Context

Check Point Identity Agent for Terminal Services Sensitive Information Disclosure Vulnerability

Vulnerability

Patched

A vulnerability exists in Check Point Identity Agent for Terminal Services, specifically in versions R81.10, R81.20, R82, and R82.10. An authenticated local user can access sensitive information printed in plaintext in the application's debug files. This information can be used to claim security policy rules assigned to another user, potentially leading to unauthorized access to resources based on those rules.

Impact

Exploitation of this vulnerability allows an authenticated local user to access and misuse security policy resources assigned to other users.

Remediation

Users can upgrade to Identity Agent for a Terminal Server version 81.084.0000 or later. The latest version can be downloaded from Check Point's support site (sk134312).

Added: Dec 22, 2025, 8:17 AM

Updated: Dec 22, 2025, 8:17 AM

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

2.5

exploitability

3.3

remediation

7.7

relevance

1.7

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

2.5

exploitability

3.3

remediation

7.7

relevance

1.7

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Check Point Identity Agent for Terminal Services Sensitive Information Disclosure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Check Point Identity Agent for Terminal Server

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating