← back
CVE-2025-8304

Information Disclosure in Identity Agent Registry Keys

CVSS 6.5 MEDIUMEPSS 0.1%CWE-200
An authenticated local user can obtain information that allows claiming security policy rules of another user due to sensitive information being accessible in the Windows Registry keys for Check Point Identity Agent running on a Terminal Server.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Affected products
checkpoint · Identity Agent

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://support.checkpoint.com/results/sk/sk184263