Insecure Temporary Directory in Forescout SecureConnector on Windows
CVE-2024-9950

8.5HIGH

Key Information:

Vendor: Forescout
Status: Secureconnector
Vendor: CVE Published:; 2 January 2025

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2024-9950?

A significant vulnerability in Forescout SecureConnector v11.3.07.0109 for Windows allows unauthenticated users to access and modify compliance scripts due to an insecure temporary directory. This weakness could potentially lead to unauthorized control and manipulation of crucial compliance settings, posing risks to the integrity of network security policies.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

SecureConnector Windows v11.3.07.0109

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2024-9950-PoC
Created by 0Nightsedge0

References

https://support.forescout.com/

CVSS V4

Score:

8.5

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

🟡
Public PoC available
Jan 12, 2025
👾
Exploit known to exist
Jan 12, 2025
Vulnerability published
Jan 2, 2025
Vulnerability Reserved
Oct 14, 2024

Credit

Owen Jeanes

JSON

Forescout

Badges

What is CVE-2024-9950?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

Exploit Proof of Concept (PoC)

References

CVSS V4

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.