彙總 forescout 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。
已披露問題常與 路徑處理缺陷、緩衝區溢位與輸入驗證問題 相關,可能在 生產負載與軟體部署 場景中帶來 異常行為與檔案覆寫 等暴露風險。
相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2025-4660 | A remote code execution vulnerability exists in the Windows agent component of SecureConnector due to improper access controls on a named pipe. The pipe is accessible to the Everyone group and does not restrict remote connections, allowing any network-based attacker to connect without authentication. By interacting with this pipe, an attacker can redirect the agent to communicate with a rogue server that can issue commands via the SecureConnector Agent. This does not impact Linux or OSX Secu | a14582b7-06f4-4d66-8e82-3d7ba3739e88 | 8.7 | 0.96% | 2025-05-13 | 2026-06-17 |
| CVE-2024-9950 | A vulnerability in Forescout SecureConnector v11.3.07.0109 on Windows allows unauthenticated user to modify compliance scripts due to insecure temporary directory. | a14582b7-06f4-4d66-8e82-3d7ba3739e88 | 8.5 | 0.30% | 2025-01-02 | 2026-06-17 |
| CVE-2024-9949 | Denial of Service in Forescout SecureConnector 11.1.02.1019 on Windows allows Unprivileged user to corrupt the configuration file and cause Denial of Service in the application. | a14582b7-06f4-4d66-8e82-3d7ba3739e88 | 5.8 | 0.14% | 2024-10-23 | 2026-06-17 |
| CVE-2024-22795 | Insecure Permissions vulnerability in Forescout SecureConnector v.11.3.06.0063 allows a local attacker to escalate privileges via the Recheck Compliance Status component. | [email protected] | 7.0 | 0.31% | 2024-02-08 | 2026-06-17 |
| CVE-2023-39374 | ForeScout NAC SecureConnector version 11.2 - CWE-427: Uncontrolled Search Path Element | [email protected] | 7.8 | 0.19% | 2023-09-03 | 2026-06-17 |
| CVE-2021-36724 | ForeScout - SecureConnector Local Service DoS - A low privilaged user which doesn't have permissions to shutdown the secure connector service writes a large amount of characters in the installationPath. This will cause the buffer to overflow and override the stack cookie causing the service to crash. | [email protected] | 6.1 | 0.22% | 2021-12-29 | 2026-06-16 |
| CVE-2021-28098 | An issue was discovered in Forescout CounterACT before 8.1.4. A local privilege escalation vulnerability is present in the logging function. SecureConnector runs with administrative privileges and writes logs entries to a file in %PROGRAMDATA%\ForeScout SecureConnector\ that has full permissions for the Everyone group. Using a symbolic link allows an attacker to point the log file to a privileged location such as %WINDIR%\System32. The resulting log file adopts the file permissions of the source | [email protected] | 7.8 | 0.40% | 2021-04-14 | 2026-06-16 |
| CVE-2016-9486 | On Windows endpoints, the SecureConnector agent must run under the local SYSTEM account or another administrator account in order to enable full functionality of the agent. The typical configuration is for the agent to run as a Windows service under the local SYSTEM account. The SecureConnector agent runs various plugin scripts and executables on the endpoint in order to gather and report information about the host to the CounterACT management appliance. The SecureConnector agent downloads these | [email protected] | 7.8 | 1.23% | 2018-07-13 | 2026-06-16 |
| CVE-2016-9485 | On Windows endpoints, the SecureConnector agent must run under the local SYSTEM account or another administrator account in order to enable full functionality of the agent. The typical configuration is for the agent to run as a Windows service under the local SYSTEM account. The SecureConnector agent runs various plugin scripts and executables on the endpoint in order to gather and report information about the host to the CounterACT management appliance. The SecureConnector agent downloads these | [email protected] | 7.8 | 1.23% | 2018-07-13 | 2026-06-16 |
| CVE-2012-4985 | The Forescout CounterACT NAC device 6.3.4.1 does not block ARP and ICMP traffic from unrecognized clients, which allows remote attackers to conduct ARP poisoning attacks via crafted packets. | [email protected] | 4.3 | 1.72% | 2012-12-05 | 2026-06-16 |
| CVE-2012-4983 | Multiple cross-site scripting (XSS) vulnerabilities on the Forescout CounterACT NAC device before 7.0 allow remote attackers to inject arbitrary web script or HTML via (1) the a parameter to assets/login or (2) the query parameter to assets/rangesearch. | [email protected] | 4.3 | 0.93% | 2012-12-05 | 2026-06-16 |
| CVE-2012-4982 | Open redirect vulnerability in assets/login on the Forescout CounterACT NAC device before 7.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the a parameter. | [email protected] | 5.8 | 8.66% | 2012-12-05 | 2026-06-16 |
| CVE-2012-1825 | Multiple cross-site scripting (XSS) vulnerabilities in the status program on the ForeScout CounterACT appliance with software 6.3.3.2 through 6.3.4.10 allow remote attackers to inject arbitrary web script or HTML via (1) the loginname parameter in a forgotpass action or (2) the username parameter. | [email protected] | 4.3 | 0.99% | 2012-06-11 | 2026-06-16 |