Primary

Context

Thales SafeNet Agent for Windows Logon Improper Certificate Validation Vulnerability Allowing Signature Spoofing

Vulnerability

A vulnerability allowing signature spoofing has been identified in Thales SafeNet Agent for Windows Logon. This issue arises from improper certificate validation and affects versions 4.0.0, 4.1.1, and 4.1.2.

Impact

The vulnerability allows for signature spoofing, which could be exploited to bypass authentication mechanisms that rely on certificate validation.

Remediation

Users can upgrade to SafeNet Agent for Windows Logon version 4.1.3, which is available for download from the Thales Support Portal.

Added: Feb 13, 2026, 9:24 AM

Updated: Feb 13, 2026, 2:43 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.6

remediation

0.0

relevance

2.8

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.6

remediation

0.0

relevance

2.8

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Thales SafeNet Agent for Windows Logon Improper Certificate Validation Vulnerability Allowing Signature Spoofing

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating