Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Remote Code Execution in Windows Secure Connector/ HPS Inspection Engine via Insecure Named Pipe Access
Vulnerability Description
A remote code execution vulnerability exists in the Windows agent component of SecureConnector due to improper access controls on a named pipe. The pipe is accessible to the Everyone group and does not restrict remote connections, allowing any network-based attacker to connect without authentication. By interacting with this pipe, an attacker can redirect the agent to communicate with a rogue server that can issue commands via the SecureConnector Agent. This does not impact Linux or OSX Secure Connector.
CVSS Information
N/A
Vulnerability Type
缺省权限不正确
Vulnerability Title
ForeScout SecureConnector 安全漏洞
Vulnerability Description
ForeScout SecureConnector是美国ForeScout公司的一种网络安全软件,可对尝试加入网络的机器进行身份验证。 ForeScout SecureConnector Windows agent存在安全漏洞,该漏洞源于命名管道访问控制不当,可能导致远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A