Tomasz Bukowski

**Name of the Vulnerable Software and Affected Versions:** Now Platform versions prior to March 2025 Now Platform versions prior to September 2024 **Description:** A vulnerability exists within the Now Platform that could allow unauthorized data inference. Under specific configurations of conditional Access Control Lists (ACLs), authenticated and unauthenticated users may be able to utilize range query requests to access instance data they are not authorized to view. The vulnerability, also known as "Count(er) Strike", allows low-privileged users to bypass ACLs and extract sensitive data. Exploitation occurs through URL filters and requires minimal access to target tables. The vulnerability could potentially expose Personally Identifiable Information (PII), credentials, and financial information. **Recommendations:** Now Platform versions prior to March 2025: Apply the security update released in March 2025 to enhance ACL configurations. Now Platform versions prior to September 2024: Apply the security update released in September 2024 to enhance ACL configurations. Review and properly configure Access Control Lists (ACLs) to prevent unauthorized data access.

**Name of the Vulnerable Software and Affected Versions** Forcepoint Email Security version 8.5 **Description** A stack-based buffer overflow allows an attacker to craft malicious input, potentially crashing a process and creating a denial-of-service. Although no known Remote Code Execution (RCE) vulnerabilities exist, the possibility of RCE cannot be completely ruled out. Data Execution Protection (DEP) is enabled on the Email appliance as a risk mitigation. **Recommendations** For Forcepoint Email Security version 8.5, consider applying configuration changes to mitigate the risk of exploitation, such as enabling additional security features to prevent malicious input. As a temporary workaround, restrict access to potentially vulnerable components until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.