Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.3
IDExpert Windows Logon Agent allows unauthorized code to run on your system
CVE-2026-2999
Summary
The IDExpert Windows Logon Agent has a security weakness that lets hackers access your system without permission, allowing them to force your system to download and run malicious software. This could lead to data theft, system compromise, or other security issues. Update the software to the latest version to fix this vulnerability.
Original title
IDExpert Windows Logon Agent developed by Changing has a Remote Code Execution vulnerability, allowing unauthenticated remote attackers to force the system to download arbitrary executable files fr...
Original description
IDExpert Windows Logon Agent developed by Changing has a Remote Code Execution vulnerability, allowing unauthenticated remote attackers to force the system to download arbitrary executable files from a remote source and execute them.
nvd CVSS3.1
9.8
nvd CVSS4.0
9.3
Vulnerability type
CWE-494
Published: 2 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026