Check Point · Check Point Vpn-1 Securemote/Secureclient · CVE-2008-0662
**Name of the Vulnerable Software and Affected Versions**
Check Point VPN-1 SecuRemote/SecureClient NGX versions R56 and R60
**Description**
The issue concerns the Auto Local Logon feature, which caches credentials in a registry key with inadequate permissions, allowing local users to read and reuse these credentials to gain privileges.
**Recommendations**
For versions R56 and R60, consider restricting access to the CheckpointSecuRemote registry key to prevent unauthorized users from reading the cached credentials. As a temporary workaround, disabling the Auto Local Logon feature may help minimize the risk of exploitation until a more permanent solution is available.