Improper Certificate Validation vulnerability in Thales SafeNet Agent for Windows...

2.5 / 10

LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:H/SI:H/SA:L/E:P

Description

Improper Certificate Validation vulnerability in Thales SafeNet Agent for Windows Logon on Windows allows Signature Spoofing by Improper Validation.This issue affects SafeNet Agent for Windows Logon: 4.0.0, 4.1.1, 4.1.2.

Basic Information

ID CVE-2026-0872

Source THA-PSIRT

Published Feb 13, 2026 at 08:53

Affected Product

Vendor Thales

Product SafeNet Agent for Windows Logon

Version 4.0.0

Affected Versions Thales SafeNet Agent for Windows Logon 4.0.0
Thales SafeNet Agent for Windows Logon 4.1.1
Thales SafeNet Agent for Windows Logon 4.1.2

CWE Classification

CWE-295

References

{
    "lastseen": "",
    "description": "Improper Certificate Validation vulnerability in Thales SafeNet Agent for Windows Logon on Windows allows Signature Spoofing by Improper Validation.This issue affects SafeNet Agent for Windows Logon: 4.0.0, 4.1.1, 4.1.2.",
    "published": "2026-02-13T08:53:05.621Z",
    "modified": "2026-02-13T08:53:05.621Z",
    "type": "cve",
    "title": "Improper Certificate Validation vulnerability in Thales SafeNet Agent for Windows Logon",
    "source": "THA-PSIRT",
    "references": "https://thalesdocs.com/sta/agents/wla-windows_logon/wla-preinstallation_passwordless/index.html\nhttps://supportportal.thalesgroup.com/csm?sys_kb_id=247fd4a42b4a7290061af3f5f291bff1&id=kb_article_view&sysparm_rank=1&sysparm_tsqueryId=5ecb72c73b927610381ecfaf55e45a0b&sysparm_article=KB0030173",
    "id": "CVE-2026-0872",
    "bulletinFamily": "",
    "cwe": [
        "CWE-295"
    ],
    "cvelist": null,
    "sourceData": "Thales SafeNet Agent for Windows Logon 4.0.0\nThales SafeNet Agent for Windows Logon 4.1.1\nThales SafeNet Agent for Windows Logon 4.1.2",
    "sourceHref": "",
    "cvss": {
        "score": 2.5,
        "severity": "LOW",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:H/SI:H/SA:L/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "SafeNet Agent for Windows Logon",
    "version": "4.0.0",
    "vendor": "Thales",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Improper Certificate Validation vulnerability in Thales SafeNet Agent for Windows Logon_CVE-2026-0872