Forescout SecureConnector 11.2

CPE Details

Forescout SecureConnector 11.2
forescout
secureconnector
11.2
2023-09-12
15h30 +00:00
2023-09-12
15h30 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:forescout:secureconnector:11.2:*:*:*:*:*:*:*

Informations

Vendor

forescout

Product

secureconnector

Version

11.2

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2025-4660 2025-05-13 17h34 +00:00 A remote code execution vulnerability exists in the Windows agent component of SecureConnector due to improper access controls on a named pipe. The pipe is accessible to the Everyone group and does not restrict remote connections, allowing any network-based attacker to connect without authentication. By interacting with this pipe, an attacker can redirect the agent to communicate with a rogue server that can issue commands via the SecureConnector Agent.  This does not impact Linux or OSX Secure Connector.
8.7
High
CVE-2023-39374 2023-09-03 14h48 +00:00 ForeScout NAC SecureConnector version 11.2 - CWE-427: Uncontrolled Search Path Element
7.8
High
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.