Secure Enterprise Client
CVEs (8)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-26155 | 0.00 | — | 0.01 | Nov 26, 2025 | NCP Secure Enterprise Client 13.18 and NCP Secure Entry Windows Client 13.19 have an Untrusted Search Path vulnerability. | |||
| CVE-2023-28872 | 0.00 | — | 0.01 | Dec 25, 2023 | Support Assistant in NCP Secure Enterprise Client before 13.10 allows attackers to execute DLL files with SYSTEM privileges by creating a symbolic link from a %LOCALAPPDATA%\Temp\NcpSupport* location. | |||
| CVE-2023-28870 | 0.00 | — | 0.01 | Dec 9, 2023 | Insecure File Permissions in Support Assistant in NCP Secure Enterprise Client before 12.22 allow attackers to write to configuration files from low-privileged user accounts. | |||
| CVE-2023-28868 | 0.00 | — | 0.01 | Dec 9, 2023 | Support Assistant in NCP Secure Enterprise Client before 12.22 allows attackers to delete arbitrary files on the operating system by creating a symbolic link. | |||
| CVE-2023-28871 | 0.00 | — | 0.01 | Dec 9, 2023 | Support Assistant in NCP Secure Enterprise Client before 12.22 allows attackers to read registry information of the operating system by creating a symbolic link. | |||
| CVE-2023-28869 | 0.00 | — | 0.01 | Dec 9, 2023 | Support Assistant in NCP Secure Enterprise Client before 12.22 allows attackers read the contents of arbitrary files on the operating system by creating a symbolic link. | |||
| CVE-2020-11474 | 0.00 | — | 0.01 | Jul 28, 2020 | NCP Secure Enterprise Client before 10.15 r47589 allows a symbolic link attack on enumusb.reg via Support Assistant. | |||
| CVE-2010-5203 | 0.00 | — | 0.00 | Sep 6, 2012 | Multiple untrusted search path vulnerabilities in NCP Secure Enterprise Client before 9.21 Build 68, Secure Entry Client before 9.23 Build 18, and Secure Client - Juniper Edition before 9.23 Build 18 allow local users to gain privileges via a Trojan horse (1) dvccsabase002.dll,… |
- CVE-2025-26155Nov 26, 2025risk 0.00cvss —epss 0.01
NCP Secure Enterprise Client 13.18 and NCP Secure Entry Windows Client 13.19 have an Untrusted Search Path vulnerability.
- CVE-2023-28872Dec 25, 2023risk 0.00cvss —epss 0.01
Support Assistant in NCP Secure Enterprise Client before 13.10 allows attackers to execute DLL files with SYSTEM privileges by creating a symbolic link from a %LOCALAPPDATA%\Temp\NcpSupport* location.
- CVE-2023-28870Dec 9, 2023risk 0.00cvss —epss 0.01
Insecure File Permissions in Support Assistant in NCP Secure Enterprise Client before 12.22 allow attackers to write to configuration files from low-privileged user accounts.
- CVE-2023-28868Dec 9, 2023risk 0.00cvss —epss 0.01
Support Assistant in NCP Secure Enterprise Client before 12.22 allows attackers to delete arbitrary files on the operating system by creating a symbolic link.
- CVE-2023-28871Dec 9, 2023risk 0.00cvss —epss 0.01
Support Assistant in NCP Secure Enterprise Client before 12.22 allows attackers to read registry information of the operating system by creating a symbolic link.
- CVE-2023-28869Dec 9, 2023risk 0.00cvss —epss 0.01
Support Assistant in NCP Secure Enterprise Client before 12.22 allows attackers read the contents of arbitrary files on the operating system by creating a symbolic link.
- CVE-2020-11474Jul 28, 2020risk 0.00cvss —epss 0.01
NCP Secure Enterprise Client before 10.15 r47589 allows a symbolic link attack on enumusb.reg via Support Assistant.
- CVE-2010-5203Sep 6, 2012risk 0.00cvss —epss 0.00
Multiple untrusted search path vulnerabilities in NCP Secure Enterprise Client before 9.21 Build 68, Secure Entry Client before 9.23 Build 18, and Secure Client - Juniper Edition before 9.23 Build 18 allow local users to gain privileges via a Trojan horse (1) dvccsabase002.dll,…