漏洞关键信息 TVN ID: TVN-202603001 CVE ID: CVE-2026-2999, CVE-2026-3000 CVSS: - CVE-2026-2999: 9.8 (Critical) - CVE-2026-3000: 9.8 (Critical) Affected Products: iDExpert Windows Logon Agent version from 2.7.3.230719 to 2.8.4.250925 Description: - CVE-2026-2999 (Remote Code Execution): Unauthenticated remote attackers can force the system to download arbitrary executable files from a remote source and execute them. - CVE-2026-3000 (Remote Code Execution): Unauthenticated remote attackers can force the system to download arbitrary DLL files from a remote source and execute them. Solution: Contact the vendor to patch or download the patch from the official website. Link Credit: Linwz(DEV CORE) Public Date: 2026-03-02