Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for SafeNet Agent for Windows Logon by Thales

    CVE-2026-0872 (GCVE-0-2026-0872)

    Vulnerability from nvd – Published: 2026-02-13 08:53 – Updated: 2026-02-13 12:47
    VLAI
    Title
    Improper Certificate Validation vulnerability in Thales SafeNet Agent for Windows Logon
    Summary
    Improper Certificate Validation vulnerability in Thales SafeNet Agent for Windows Logon on Windows allows Signature Spoofing by Improper Validation.This issue affects SafeNet Agent for Windows Logon: 4.0.0, 4.1.1, 4.1.2.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-295 - Improper Certificate Validation
    Assigner
    Impacted products
    Vendor Product Version
    Thales SafeNet Agent for Windows Logon Affected: 4.0.0
    Affected: 4.1.1
    Affected: 4.1.2
    Create a notification for this product.
    Date Public
    2026-02-08 08:52
    Credits
    Huy Kha, Director of Security Research, and the team at Netwrix
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0872",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-13T12:47:11.793545Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-13T12:47:30.747Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Windows"
              ],
              "product": "SafeNet Agent for Windows Logon",
              "vendor": "Thales",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.0.0"
                },
                {
                  "status": "affected",
                  "version": "4.1.1"
                },
                {
                  "status": "affected",
                  "version": "4.1.2"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:thales:safenet_agent_for_windows_logon:4.0.0:*:windows:*:*:*:*:*",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:thales:safenet_agent_for_windows_logon:4.1.1:*:windows:*:*:*:*:*",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:thales:safenet_agent_for_windows_logon:4.1.2:*:windows:*:*:*:*:*",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Huy Kha, Director of Security Research, and the team at Netwrix"
            }
          ],
          "datePublic": "2026-02-08T08:52:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Certificate Validation vulnerability in Thales SafeNet Agent for Windows Logon on Windows allows Signature Spoofing by Improper Validation.\u003cp\u003eThis issue affects SafeNet Agent for Windows Logon: 4.0.0, 4.1.1, 4.1.2.\u003c/p\u003e"
                }
              ],
              "value": "Improper Certificate Validation vulnerability in Thales SafeNet Agent for Windows Logon on Windows allows Signature Spoofing by Improper Validation.This issue affects SafeNet Agent for Windows Logon: 4.0.0, 4.1.1, 4.1.2."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-475",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-475 Signature Spoofing by Improper Validation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 2.5,
                "baseSeverity": "LOW",
                "exploitMaturity": "PROOF_OF_CONCEPT",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:H/SI:H/SA:L/E:P",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-295",
                  "description": "CWE-295 Improper Certificate Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-13T08:53:05.621Z",
            "orgId": "9d5917ae-205d-4ae5-8749-1f49479b1395",
            "shortName": "THA-PSIRT"
          },
          "references": [
            {
              "tags": [
                "mitigation"
              ],
              "url": "https://thalesdocs.com/sta/agents/wla-windows_logon/wla-preinstallation_passwordless/index.html"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://supportportal.thalesgroup.com/csm?sys_kb_id=247fd4a42b4a7290061af3f5f291bff1\u0026id=kb_article_view\u0026sysparm_rank=1\u0026sysparm_tsqueryId=5ecb72c73b927610381ecfaf55e45a0b\u0026sysparm_article=KB0030173"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Upgrade to version 4.1.3."
                }
              ],
              "value": "Upgrade to version 4.1.3."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Improper Certificate Validation vulnerability in Thales SafeNet Agent for Windows Logon",
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9d5917ae-205d-4ae5-8749-1f49479b1395",
        "assignerShortName": "THA-PSIRT",
        "cveId": "CVE-2026-0872",
        "datePublished": "2026-02-13T08:53:05.621Z",
        "dateReserved": "2026-01-13T09:32:05.991Z",
        "dateUpdated": "2026-02-13T12:47:30.747Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-0872 (GCVE-0-2026-0872)

    Vulnerability from cvelistv5 – Published: 2026-02-13 08:53 – Updated: 2026-02-13 12:47
    VLAI
    Title
    Improper Certificate Validation vulnerability in Thales SafeNet Agent for Windows Logon
    Summary
    Improper Certificate Validation vulnerability in Thales SafeNet Agent for Windows Logon on Windows allows Signature Spoofing by Improper Validation.This issue affects SafeNet Agent for Windows Logon: 4.0.0, 4.1.1, 4.1.2.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-295 - Improper Certificate Validation
    Assigner
    Impacted products
    Vendor Product Version
    Thales SafeNet Agent for Windows Logon Affected: 4.0.0
    Affected: 4.1.1
    Affected: 4.1.2
    Create a notification for this product.
    Date Public
    2026-02-08 08:52
    Credits
    Huy Kha, Director of Security Research, and the team at Netwrix
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-0872",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-13T12:47:11.793545Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-13T12:47:30.747Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Windows"
              ],
              "product": "SafeNet Agent for Windows Logon",
              "vendor": "Thales",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.0.0"
                },
                {
                  "status": "affected",
                  "version": "4.1.1"
                },
                {
                  "status": "affected",
                  "version": "4.1.2"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:thales:safenet_agent_for_windows_logon:4.0.0:*:windows:*:*:*:*:*",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:thales:safenet_agent_for_windows_logon:4.1.1:*:windows:*:*:*:*:*",
                      "vulnerable": true
                    },
                    {
                      "criteria": "cpe:2.3:a:thales:safenet_agent_for_windows_logon:4.1.2:*:windows:*:*:*:*:*",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Huy Kha, Director of Security Research, and the team at Netwrix"
            }
          ],
          "datePublic": "2026-02-08T08:52:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper Certificate Validation vulnerability in Thales SafeNet Agent for Windows Logon on Windows allows Signature Spoofing by Improper Validation.\u003cp\u003eThis issue affects SafeNet Agent for Windows Logon: 4.0.0, 4.1.1, 4.1.2.\u003c/p\u003e"
                }
              ],
              "value": "Improper Certificate Validation vulnerability in Thales SafeNet Agent for Windows Logon on Windows allows Signature Spoofing by Improper Validation.This issue affects SafeNet Agent for Windows Logon: 4.0.0, 4.1.1, 4.1.2."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-475",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-475 Signature Spoofing by Improper Validation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 2.5,
                "baseSeverity": "LOW",
                "exploitMaturity": "PROOF_OF_CONCEPT",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:H/SI:H/SA:L/E:P",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "LOW",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-295",
                  "description": "CWE-295 Improper Certificate Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-13T08:53:05.621Z",
            "orgId": "9d5917ae-205d-4ae5-8749-1f49479b1395",
            "shortName": "THA-PSIRT"
          },
          "references": [
            {
              "tags": [
                "mitigation"
              ],
              "url": "https://thalesdocs.com/sta/agents/wla-windows_logon/wla-preinstallation_passwordless/index.html"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://supportportal.thalesgroup.com/csm?sys_kb_id=247fd4a42b4a7290061af3f5f291bff1\u0026id=kb_article_view\u0026sysparm_rank=1\u0026sysparm_tsqueryId=5ecb72c73b927610381ecfaf55e45a0b\u0026sysparm_article=KB0030173"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Upgrade to version 4.1.3."
                }
              ],
              "value": "Upgrade to version 4.1.3."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Improper Certificate Validation vulnerability in Thales SafeNet Agent for Windows Logon",
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9d5917ae-205d-4ae5-8749-1f49479b1395",
        "assignerShortName": "THA-PSIRT",
        "cveId": "CVE-2026-0872",
        "datePublished": "2026-02-13T08:53:05.621Z",
        "dateReserved": "2026-01-13T09:32:05.991Z",
        "dateUpdated": "2026-02-13T12:47:30.747Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }