CVE-2024-9949
https://notcve.org/view.php?id=CVE-2024-9949
Denial of Service in Forescout SecureConnector 11.1.02.1019 on Windows allows Unprivileged user to corrupt the configuration file and cause Denial of Service in the application. • https://forescout.my.site.com/support/s/article/High-Severity-Vulnerability-in-Secure-Connector-HPS-Inspection-Engine-v11-3-5-and-lower • CWE-1188: Initialization of a Resource with an Insecure Default •
CVE-2024-22795
https://notcve.org/view.php?id=CVE-2024-22795
Insecure Permissions vulnerability in Forescout SecureConnector v.11.3.06.0063 allows a local attacker to escalate privileges via the Recheck Compliance Status component. La vulnerabilidad de permisos inseguros en Forescout SecureConnector v.11.3.06.0063 permite a un atacante local escalar privilegios a través del componente Recheck Compliance Status. • https://gist.github.com/Hagrid29/aea0dc35a1e87813dbbb7b317853d023 https://github.com/Hagrid29/ForeScout-SecureConnector-EoP https://www.forescout.com • CWE-269: Improper Privilege Management •
CVE-2023-39374 – ForeScout NAC SecureConnector – CWE-427: Uncontrolled Search Path Element
https://notcve.org/view.php?id=CVE-2023-39374
ForeScout NAC SecureConnector version 11.2 - CWE-427: Uncontrolled Search Path Element ForeScout NAC SecureConnector versión 11.2 - CWE-427: Elemento de ruta de búsqueda no controlada. • https://www.gov.il/en/Departments/faq/cve_advisories • CWE-427: Uncontrolled Search Path Element •
CVE-2021-36724 – ForeScout - SecureConnector Local Service DoS
https://notcve.org/view.php?id=CVE-2021-36724
ForeScout - SecureConnector Local Service DoS - A low privilaged user which doesn't have permissions to shutdown the secure connector service writes a large amount of characters in the installationPath. This will cause the buffer to overflow and override the stack cookie causing the service to crash. ForeScout - SecureConnector Local Service DoS - Un usuario poco privilegiado que no tiene permisos para cerrar el servicio del conector seguro escribe una gran cantidad de caracteres en installationPath. Esto causará el desbordamiento del búfer y se anule la cookie de la pila causando que el servicio se bloquee • https://www.gov.il/en/departments/faq/cve_advisories • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2016-9485 – On Windows endpoints, the SecureConnector agent is vulnerable to privilege escalation whereby an authenticated unprivileged user can obtain administrator privileges on the endpoint because it fails to set any permissions on downloaded file objects
https://notcve.org/view.php?id=CVE-2016-9485
On Windows endpoints, the SecureConnector agent must run under the local SYSTEM account or another administrator account in order to enable full functionality of the agent. The typical configuration is for the agent to run as a Windows service under the local SYSTEM account. The SecureConnector agent runs various plugin scripts and executables on the endpoint in order to gather and report information about the host to the CounterACT management appliance. The SecureConnector agent downloads these scripts and executables as needed from the CounterACT management appliance and runs them on the endpoint. The SecureConnector agent fails to set any permissions on downloaded file objects. • http://www.securityfocus.com/bid/94740 https://www.kb.cert.org/vuls/id/768331 • CWE-264: Permissions, Privileges, and Access Controls CWE-378: Creation of Temporary File With Insecure Permissions •