CVE-2023-39374

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Sep 3, 2023

Updated: Sep 8, 2023

CWE ID 427

Summary

CVE-2023-39374 is a vulnerability affecting ForeScout NAC SecureConnector version 11.2. This issue, classified as CWE-427: Uncontrolled Search Path Element, allows an attacker to potentially gain unauthorized access to a system by manipulating the search path environment variable. The vulnerability could result in the execution of malicious code or unintended application execution, posing a significant risk to the security of affected networks. It is recommended that users upgrade to the latest version of ForeScout NAC SecureConnector to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

ForeScout Technologies

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sKf-nl
https://www.cve.org/CVERecord?id=CVE-2023-39374
https://nvd.nist.gov/vuln/detail/CVE-2023-39374

Back to Vulnerability Database

CVE-2023-39374

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations