[Vulnerability Alert] Changing Information Technology | IDExpert Windows Logon Agent - 2 Vulnerabilities Identified

• Subject Explanation: [Vulnerability Alert] Changing Information Technology | IDExpert Windows Logon Agent - 2 Vulnerabilities Identified

• Content Description:
  • Forwarding Taiwan Computer Emergency Response Team / Coordination Center (TWCERT/CC) Security Alert TWCERTCC-200-202603-00000002
  • [Changing Information Technology | [cite_start]IDExpert Windows Logon Agent - Remote Code Execution] (CVE-2026-2999, CVSS: 9.8) An unauthenticated remote attacker can cause the system to download and execute arbitrary remote executable files. [cite: 1]
  • [Changing Information Technology | [cite_start]IDExpert Windows Logon Agent - Remote Code Execution] (CVE-2026-3000, CVSS: 9.8) An unauthenticated remote attacker can cause the system to download and execute arbitrary remote DLL files. [cite: 1]
• Impacted Platforms:
  • [cite_start]IDExpert Windows Logon Agent versions 2.7.3.230719 to 2.8.4.250925 [cite: 1]
• Suggested Measures:
  • [cite_start]Contact the vendor for patching or visit the official Changing Information Technology website to download the patching tool. [cite: 1]
• References:
  1. [cite_start]https://www.twcert.org.tw/tw/cp-132-10740-b2eb2-1.html [cite: 1]

Computer and Communication Center
Network Systems Division