Description
Improper Certificate Validation vulnerability in Thales SafeNet Agent for Windows Logon on Windows allows Signature Spoofing by Improper Validation.This issue affects SafeNet Agent for Windows Logon: 4.0.0, 4.1.1, 4.1.2.
Published: 2026-02-13
Score: 2.5 Low
EPSS: < 1% Very Low
KEV: No
Impact: Signature Spoofing by improper certificate validation
Action: Apply Patch
AI Analysis

Impact

The vulnerability in Thales SafeNet Agent for Windows Logon permits an attacker to forge digital signatures due to improper certificate validation. This flaw is classified as CWE‑295 and can enable an attacker to authenticate as a legitimate user or execute privileged actions that are normally protected by certificate‑based authentication.

Affected Systems

Affected by this flaw are Thales SafeNet Agent for Windows Logon versions 4.0.0, 4.1.1, and 4.1.2. Users running any of these releases on Windows are exposed to potential signature spoofing.

Risk and Exploitability

The CVSS score of 2.5 indicates low severity, and the EPSS score of less than 1% suggests a very low probability of exploitation. The vulnerability is not currently listed in the CISA KEV catalog. The likely attack vector is a local or remote attacker with the capability to supply forged certificates to the agent. No specific intrusion prerequisites are described, but the flaw allows bypassing authentication mechanisms that rely on validated certificates.

Generated by OpenCVE AI on April 17, 2026 at 19:54 UTC.

Remediation

Vendor Solution

Upgrade to version 4.1.3.

OpenCVE Recommended Actions

  • Apply the vendor’s patch by upgrading the SafeNet Agent for Windows Logon to version 4.1.3 or later.
  • Reconfigure the agent’s certificate validation settings to enforce strict checks against the system’s trusted root store and disable any custom validation pathways.
  • Restrict installation and configuration rights for the SafeNet Agent to privileged accounts to prevent unauthorized certificate manipulation.

Generated by OpenCVE AI on April 17, 2026 at 19:54 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 13 Feb 2026 13:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 13 Feb 2026 09:15:00 +0000

Type Values Removed Values Added
Description Improper Certificate Validation vulnerability in Thales SafeNet Agent for Windows Logon on Windows allows Signature Spoofing by Improper Validation.This issue affects SafeNet Agent for Windows Logon: 4.0.0, 4.1.1, 4.1.2.
Title Improper Certificate Validation vulnerability in Thales SafeNet Agent for Windows Logon
First Time appeared Thales
Thales safenet Agent For Windows Logon
Weaknesses CWE-295
CPEs cpe:2.3:a:thales:safenet_agent_for_windows_logon:4.0.0:*:windows:*:*:*:*:*
cpe:2.3:a:thales:safenet_agent_for_windows_logon:4.1.1:*:windows:*:*:*:*:*
cpe:2.3:a:thales:safenet_agent_for_windows_logon:4.1.2:*:windows:*:*:*:*:*
Vendors & Products Thales
Thales safenet Agent For Windows Logon
References
Metrics cvssV4_0

{'score': 2.5, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:H/SI:H/SA:L/E:P'}

Subscriptions

Thales Safenet Agent For Windows Logon
cve-icon MITRE

Status: PUBLISHED

Assigner: THA-PSIRT

Published:

Updated: 2026-02-13T12:47:30.747Z

Reserved: 2026-01-13T09:32:05.991Z

Link: CVE-2026-0872

cve-icon Vulnrichment

Updated: 2026-02-13T12:47:23.404Z

cve-icon NVD

Status : Deferred

Published: 2026-02-13T09:16:07.753

Modified: 2026-04-15T00:35:42.020

Link: CVE-2026-0872

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-17T20:00:09Z

Weaknesses