Forescout Secureconnector vulnerabilities
6 known vulnerabilities affecting forescout/secureconnector.
Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH3MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2025-4660P2CRITICALCVSS 9.8≥ 11.1.02.1019, < 11.3.7≤ 11.3.62025-05-13
CVE-2025-4660 [CRITICAL] CWE-276 CVE-2025-4660: A remote code execution vulnerability exists in the Windows agent component of SecureConnector due t
A remote code execution vulnerability exists in the Windows agent component of SecureConnector due to improper access controls on a named pipe. The pipe is accessible to the Everyone group and does not restrict remote connections, allowing any network-based attacker to connect without authentication. By interacting with this pipe, an attacker can re
nvd
CVE-2024-9950P3HIGHCVSS 7.8≥ 11.3.07.0109, < 11.3.12≥ v11.3.07.0109, ≤ v11.3.112025-01-02
CVE-2024-9950 [HIGH] CWE-379 CVE-2024-9950: A vulnerability in Forescout SecureConnector v11.3.07.0109 on Windows allows unauthenticated user
A vulnerability in Forescout SecureConnector v11.3.07.0109 on Windows allows
unauthenticated user to modify compliance scripts due to insecure temporary directory.
nvd
CVE-2023-39374P4HIGHCVSS 7.8v11.22023-09-03
CVE-2023-39374 [HIGH] CWE-427 CVE-2023-39374: ForeScout NAC SecureConnector version 11.2 - CWE-427: Uncontrolled Search Path Element
ForeScout NAC SecureConnector version 11.2 - CWE-427: Uncontrolled Search Path Element
nvd
CVE-2024-22795P4HIGHCVSS 7.0v11.3.06.00632024-02-08
CVE-2024-22795 [HIGH] CWE-269 CVE-2024-22795: Insecure Permissions vulnerability in Forescout SecureConnector v.11.3.06.0063 allows a local attack
Insecure Permissions vulnerability in Forescout SecureConnector v.11.3.06.0063 allows a local attacker to escalate privileges via the Recheck Compliance Status component.
nvd
CVE-2024-9949P4MEDIUMCVSS 6.1v11.1.02.1019≥ 11.1.02.1019, ≤ 11.3.52024-10-23
CVE-2024-9949 [MEDIUM] CWE-1188 CVE-2024-9949: Denial of Service in Forescout SecureConnector 11.1.02.1019 on Windows allows Unprivileged user to c
Denial of Service in Forescout SecureConnector 11.1.02.1019 on Windows allows Unprivileged user to corrupt the configuration file and cause Denial of Service in the application.
nvd
CVE-2021-36724P4MEDIUMCVSS 5.5v11.0.4.10242021-12-29
CVE-2021-36724 [MEDIUM] CWE-120 CVE-2021-36724: ForeScout - SecureConnector Local Service DoS - A low privilaged user which doesn't have permissions
ForeScout - SecureConnector Local Service DoS - A low privilaged user which doesn't have permissions to shutdown the secure connector service writes a large amount of characters in the installationPath. This will cause the buffer to overflow and override the stack cookie causing the service to crash.
nvd