A method of vulnerability detection that relies on information gleaned from network data that is captured from a target computer without direct interaction. does have limitations.
Vulnerability scans these controls because no actual exploits are attempted on potential vulnerabilities.