CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9949 – Denial of Service in Forescout SecureConnector
https://notcve.org/view.php?id=CVE-2024-9949
Denial of Service in Forescout SecureConnector 11.1.02.1019 on Windows allows Unprivileged user to corrupt the configuration file and cause Denial of Service in the application. • https://forescout.my.site.com/support/s/article/High-Severity-Vulnerability-in-Secure-Connector-HPS-Inspection-Engine-v11-3-5-and-lower • CWE-1188: Initialization of a Resource with an Insecure Default •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-22795
https://notcve.org/view.php?id=CVE-2024-22795
Insecure Permissions vulnerability in Forescout SecureConnector v.11.3.06.0063 allows a local attacker to escalate privileges via the Recheck Compliance Status component. La vulnerabilidad de permisos inseguros en Forescout SecureConnector v.11.3.06.0063 permite a un atacante local escalar privilegios a través del componente Recheck Compliance Status. • https://gist.github.com/Hagrid29/aea0dc35a1e87813dbbb7b317853d023 https://github.com/Hagrid29/ForeScout-SecureConnector-EoP https://www.forescout.com • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-39374 – ForeScout NAC SecureConnector – CWE-427: Uncontrolled Search Path Element
https://notcve.org/view.php?id=CVE-2023-39374
ForeScout NAC SecureConnector version 11.2 - CWE-427: Uncontrolled Search Path Element ForeScout NAC SecureConnector versión 11.2 - CWE-427: Elemento de ruta de búsqueda no controlada. • https://www.gov.il/en/Departments/faq/cve_advisories • CWE-427: Uncontrolled Search Path Element •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-36724 – ForeScout - SecureConnector Local Service DoS
https://notcve.org/view.php?id=CVE-2021-36724
ForeScout - SecureConnector Local Service DoS - A low privilaged user which doesn't have permissions to shutdown the secure connector service writes a large amount of characters in the installationPath. This will cause the buffer to overflow and override the stack cookie causing the service to crash. ForeScout - SecureConnector Local Service DoS - Un usuario poco privilegiado que no tiene permisos para cerrar el servicio del conector seguro escribe una gran cantidad de caracteres en installationPath. Esto causará el desbordamiento del búfer y se anule la cookie de la pila causando que el servicio se bloquee • https://www.gov.il/en/departments/faq/cve_advisories • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2021-28098
https://notcve.org/view.php?id=CVE-2021-28098
An issue was discovered in Forescout CounterACT before 8.1.4. A local privilege escalation vulnerability is present in the logging function. SecureConnector runs with administrative privileges and writes logs entries to a file in %PROGRAMDATA%\ForeScout SecureConnector\ that has full permissions for the Everyone group. Using a symbolic link allows an attacker to point the log file to a privileged location such as %WINDIR%\System32. The resulting log file adopts the file permissions of the source of the symbolic link (in this case, the Everyone group). • https://docs.forescout.com https://jordanpotti.com/2021/03/30/forescout-priv-esc-folder-permissions https://www.adversis.io/research/2021/3/30/forescout-secure-connector-local-privilege-escalation • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-427: Uncontrolled Search Path Element CWE-732: Incorrect Permission Assignment for Critical Resource •