CVE-2008-0662

Name of the Vulnerable Software and Affected Versions Check Point VPN-1 SecuRemote/SecureClient NGX versions R56 and R60

Description The issue concerns the Auto Local Logon feature, which caches credentials in a registry key with inadequate permissions, allowing local users to read and reuse these credentials to gain privileges.

Recommendations For versions R56 and R60, consider restricting access to the CheckpointSecuRemote registry key to prevent unauthorized users from reading the cached credentials. As a temporary workaround, disabling the Auto Local Logon feature may help minimize the risk of exploitation until a more permanent solution is available.