A remote code execution vulnerability exists in the Windows agent component of SecureConnector due to improper access controls on a named pipe. The pipe is accessible to the Everyone group and does not restrict remote connections, allowing any network-based attacker to connect without authentication. By interacting with this pipe, an attacker can redirect the agent to communicate with a rogue server that can issue commands via the SecureConnector Agent. 



This does not impact Linux or OSX Secure Connector.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Thu, 15 May 2025 19:00:00 +0000

Type Values Removed Values Added
First Time appeared Forescout
Forescout secureconnector
Microsoft
Microsoft windows
Weaknesses NVD-CWE-Other
CPEs cpe:2.3:a:forescout:secureconnector:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Vendors & Products Forescout
Forescout secureconnector
Microsoft
Microsoft windows
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}


Tue, 13 May 2025 19:45:00 +0000


Tue, 13 May 2025 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 13 May 2025 18:30:00 +0000

Type Values Removed Values Added
References

Tue, 13 May 2025 17:45:00 +0000

Type Values Removed Values Added
Description A remote code execution vulnerability exists in the Windows agent component of SecureConnector due to improper access controls on a named pipe. The pipe is accessible to the Everyone group and does not restrict remote connections, allowing any network-based attacker to connect without authentication. By interacting with this pipe, an attacker can redirect the agent to communicate with a rogue server that can issue commands via the SecureConnector Agent.  This does not impact Linux or OSX Secure Connector.
Title Remote Code Execution in Windows Secure Connector/ HPS Inspection Engine via Insecure Named Pipe Access
Weaknesses CWE-276
References
Metrics cvssV4_0

{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/AU:Y/R:U/V:C/RE:M/U:Amber'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Forescout

Published:

Updated: 2025-08-21T15:14:15.922Z

Reserved: 2025-05-13T17:34:31.059Z

Link: CVE-2025-4660

cve-icon Vulnrichment

Updated: 2025-05-13T18:35:08.996Z

cve-icon NVD

Status : Analyzed

Published: 2025-05-13T18:15:41.843

Modified: 2025-05-15T18:38:32.803

Link: CVE-2025-4660

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.