Date Posted: 2026/03/05
[Vulnerability Alert] Changing Information Technology | IDExpert Windows Logon Agent - 2 Vulnerabilities Identified
- Subject Explanation: [Vulnerability Alert] Changing Information Technology | IDExpert Windows Logon Agent - 2 Vulnerabilities Identified
- Content Description:
- Forwarding Taiwan Computer Emergency Response Team / Coordination Center (TWCERT/CC) Security Alert TWCERTCC-200-202603-00000002
- [Changing Information Technology | [cite_start]IDExpert Windows Logon Agent - Remote Code Execution] (CVE-2026-2999, CVSS: 9.8) An unauthenticated remote attacker can cause the system to download and execute arbitrary remote executable files. [cite: 1]
- [Changing Information Technology | [cite_start]IDExpert Windows Logon Agent - Remote Code Execution] (CVE-2026-3000, CVSS: 9.8) An unauthenticated remote attacker can cause the system to download and execute arbitrary remote DLL files. [cite: 1]
- Impacted Platforms:
- [cite_start]IDExpert Windows Logon Agent versions 2.7.3.230719 to 2.8.4.250925 [cite: 1]
- Suggested Measures:
- [cite_start]Contact the vendor for patching or visit the official Changing Information Technology website to download the patching tool. [cite: 1]
- References:
- [cite_start]https://www.twcert.org.tw/tw/cp-132-10740-b2eb2-1.html [cite: 1]
Computer and Communication Center
Network Systems Division
