{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2025-4660","assignerOrgId":"a14582b7-06f4-4d66-8e82-3d7ba3739e88","state":"PUBLISHED","assignerShortName":"Forescout","dateReserved":"2025-05-13T17:34:31.059Z","datePublished":"2025-05-13T17:34:53.955Z","dateUpdated":"2025-08-21T15:14:15.922Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","platforms":["Windows"],"product":"SecureConnector","vendor":"Forescout","versions":[{"lessThanOrEqual":"11.3.6","status":"affected","version":"0","versionType":"custom"},{"status":"unaffected","version":"11.3.7","versionType":"custom"}]}],"credits":[{"lang":"en","type":"finder","value":"Pen Test Partners"}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<p>\n\n</p><p>A remote code execution vulnerability exists in the Windows agent component of SecureConnector&nbsp;due to improper access controls on a named pipe. The pipe is accessible to the <strong>Everyone</strong> group and does not restrict <strong>remote connections</strong>, allowing any network-based attacker to connect without authentication. By interacting with this pipe, an attacker can redirect the agent to communicate with a rogue server that can issue commands via the SecureConnector Agent.&nbsp;<br><br>\n\n<span style=\"background-color: rgb(24, 26, 27);\">This does not impact Linux or OSX Secure Connector. </span>\n\n<br></p>\n\n\n<p></p>"}],"value":"A remote code execution vulnerability exists in the Windows agent component of SecureConnector due to improper access controls on a named pipe. The pipe is accessible to the Everyone group and does not restrict remote connections, allowing any network-based attacker to connect without authentication. By interacting with this pipe, an attacker can redirect the agent to communicate with a rogue server that can issue commands via the SecureConnector Agent. \n\n\n\nThis does not impact Linux or OSX Secure Connector."}],"impacts":[{"capecId":"CAPEC-549","descriptions":[{"lang":"en","value":"CAPEC-549 Local Execution of Code"}]}],"metrics":[{"cvssV4_0":{"Automatable":"YES","Recovery":"USER","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"NONE","attackVector":"NETWORK","baseScore":8.7,"baseSeverity":"HIGH","privilegesRequired":"LOW","providerUrgency":"AMBER","subAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","userInteraction":"NONE","valueDensity":"CONCENTRATED","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/AU:Y/R:U/V:C/RE:M/U:Amber","version":"4.0","vulnAvailabilityImpact":"HIGH","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnerabilityResponseEffort":"MODERATE"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-276","description":"CWE-276 Incorrect Default Permissions","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"a14582b7-06f4-4d66-8e82-3d7ba3739e88","shortName":"Forescout","dateUpdated":"2025-08-21T15:14:15.922Z"},"references":[{"url":"https://forescout.my.site.com/support/s/article/"}],"source":{"discovery":"UNKNOWN"},"title":"Remote Code Execution in Windows Secure Connector/ HPS Inspection Engine via Insecure Named Pipe Access","x_generator":{"engine":"Vulnogram 0.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-05-13T18:35:04.445621Z","id":"CVE-2025-4660","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-05-13T18:35:12.394Z"}}]}}