forescout 漏洞與 CVE 列表(13)

產品(CPE): — CVE 數: 13

forescout 漏洞概覽

彙總 forescout 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。

已披露問題常與 路徑處理缺陷、緩衝區溢位與輸入驗證問題 相關,可能在 生產負載與軟體部署 場景中帶來 異常行為與檔案覆寫 等暴露風險。

相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。

漏洞分布趨勢(近 24 個月)

顯示 11313 CVE 數
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
CVE 摘要 來源 最高 CVSS EPSS % 公開時間 更新時間
CVE-2025-4660 A remote code execution vulnerability exists in the Windows agent component of SecureConnector due to improper access controls on a named pipe. The pipe is accessible to the Everyone group and does not restrict remote connections, allowing any network-based attacker to connect without authentication. By interacting with this pipe, an attacker can redirect the agent to communicate with a rogue server that can issue commands via the SecureConnector Agent.  This does not impact Linux or OSX Secu a14582b7-06f4-4d66-8e82-3d7ba3739e88 8.7 0.96% 2025-05-13 2026-06-17
CVE-2024-9950 A vulnerability in Forescout SecureConnector v11.3.07.0109 on Windows allows unauthenticated user to modify compliance scripts due to insecure temporary directory. a14582b7-06f4-4d66-8e82-3d7ba3739e88 8.5 0.30% 2025-01-02 2026-06-17
CVE-2024-9949 Denial of Service in Forescout SecureConnector 11.1.02.1019 on Windows allows Unprivileged user to corrupt the configuration file and cause Denial of Service in the application. a14582b7-06f4-4d66-8e82-3d7ba3739e88 5.8 0.14% 2024-10-23 2026-06-17
CVE-2024-22795 Insecure Permissions vulnerability in Forescout SecureConnector v.11.3.06.0063 allows a local attacker to escalate privileges via the Recheck Compliance Status component. [email protected] 7.0 0.31% 2024-02-08 2026-06-17
CVE-2023-39374 ForeScout NAC SecureConnector version 11.2 - CWE-427: Uncontrolled Search Path Element [email protected] 7.8 0.19% 2023-09-03 2026-06-17
CVE-2021-36724 ForeScout - SecureConnector Local Service DoS - A low privilaged user which doesn't have permissions to shutdown the secure connector service writes a large amount of characters in the installationPath. This will cause the buffer to overflow and override the stack cookie causing the service to crash. [email protected] 6.1 0.22% 2021-12-29 2026-06-16
CVE-2021-28098 An issue was discovered in Forescout CounterACT before 8.1.4. A local privilege escalation vulnerability is present in the logging function. SecureConnector runs with administrative privileges and writes logs entries to a file in %PROGRAMDATA%\ForeScout SecureConnector\ that has full permissions for the Everyone group. Using a symbolic link allows an attacker to point the log file to a privileged location such as %WINDIR%\System32. The resulting log file adopts the file permissions of the source [email protected] 7.8 0.40% 2021-04-14 2026-06-16
CVE-2016-9486 On Windows endpoints, the SecureConnector agent must run under the local SYSTEM account or another administrator account in order to enable full functionality of the agent. The typical configuration is for the agent to run as a Windows service under the local SYSTEM account. The SecureConnector agent runs various plugin scripts and executables on the endpoint in order to gather and report information about the host to the CounterACT management appliance. The SecureConnector agent downloads these [email protected] 7.8 1.23% 2018-07-13 2026-06-16
CVE-2016-9485 On Windows endpoints, the SecureConnector agent must run under the local SYSTEM account or another administrator account in order to enable full functionality of the agent. The typical configuration is for the agent to run as a Windows service under the local SYSTEM account. The SecureConnector agent runs various plugin scripts and executables on the endpoint in order to gather and report information about the host to the CounterACT management appliance. The SecureConnector agent downloads these [email protected] 7.8 1.23% 2018-07-13 2026-06-16
CVE-2012-4985 The Forescout CounterACT NAC device 6.3.4.1 does not block ARP and ICMP traffic from unrecognized clients, which allows remote attackers to conduct ARP poisoning attacks via crafted packets. [email protected] 4.3 1.72% 2012-12-05 2026-06-16
CVE-2012-4983 Multiple cross-site scripting (XSS) vulnerabilities on the Forescout CounterACT NAC device before 7.0 allow remote attackers to inject arbitrary web script or HTML via (1) the a parameter to assets/login or (2) the query parameter to assets/rangesearch. [email protected] 4.3 0.93% 2012-12-05 2026-06-16
CVE-2012-4982 Open redirect vulnerability in assets/login on the Forescout CounterACT NAC device before 7.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the a parameter. [email protected] 5.8 8.66% 2012-12-05 2026-06-16
CVE-2012-1825 Multiple cross-site scripting (XSS) vulnerabilities in the status program on the ForeScout CounterACT appliance with software 6.3.3.2 through 6.3.4.10 allow remote attackers to inject arbitrary web script or HTML via (1) the loginname parameter in a forgotpass action or (2) the username parameter. [email protected] 4.3 0.99% 2012-06-11 2026-06-16
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
cvelogic Threat Intelligence