Researchers have uncovered a critical privilege-escalation vulnerability, in Check Point’s Harmony Secure Access Service Edge Windows client software, tracked as CVE-2025-9142, that enables hackers to write or delete files outside the certificate working directory that could compromise systems.
More info can be here: https://blog.amberwolf.com/blog/2026/january/advisory—check-point-harmony-local-privilege-escalation-cve-2025-9142/
Jim Routh, Chief Trust Officer at Saviynt, commented:
“This is an excellent example of the critical need for an enhanced PAM capability (specifically one that includes a continuous identity validation capability). Enterprises should include this in their mandatory requirements for upgrading their PAM capabilities. Privileged Access Management platforms designed for people to control access to other humans is fundamentally obsolete and insufficient for protecting against credential compromise, token compromise and the migration to agents in operation through MCP servers/gateways. It’s a different “ballgame” with different requirements for identity security to be part of the critical path toward responsible use of AI. It’s time to change our PAM requirements and this vulnerability is a reinforcement of this need for enterprises.”
If you’re not familiar with PAM or Privileged Access Management, here’s a primer from Microsoft. And now would be a good time to have that discussion in order to keep your organization safe.
Like this:
Like Loading...
Related
This entry was posted on January 28, 2026 at 3:12 pm and is filed under Commentary with tags Check Point. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Check Point Harmony Secure Access Service Edge Has A Critical Local Privilege Escalation Flaw
Researchers have uncovered a critical privilege-escalation vulnerability, in Check Point’s Harmony Secure Access Service Edge Windows client software, tracked as CVE-2025-9142, that enables hackers to write or delete files outside the certificate working directory that could compromise systems.
More info can be here: https://blog.amberwolf.com/blog/2026/january/advisory—check-point-harmony-local-privilege-escalation-cve-2025-9142/
Jim Routh, Chief Trust Officer at Saviynt, commented:
“This is an excellent example of the critical need for an enhanced PAM capability (specifically one that includes a continuous identity validation capability). Enterprises should include this in their mandatory requirements for upgrading their PAM capabilities. Privileged Access Management platforms designed for people to control access to other humans is fundamentally obsolete and insufficient for protecting against credential compromise, token compromise and the migration to agents in operation through MCP servers/gateways. It’s a different “ballgame” with different requirements for identity security to be part of the critical path toward responsible use of AI. It’s time to change our PAM requirements and this vulnerability is a reinforcement of this need for enterprises.”
If you’re not familiar with PAM or Privileged Access Management, here’s a primer from Microsoft. And now would be a good time to have that discussion in order to keep your organization safe.
Share this:
Like this:
Related
This entry was posted on January 28, 2026 at 3:12 pm and is filed under Commentary with tags Check Point. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.