How so? Hopping around in your home network should not be possible by default and would be a gross overreach by any IT department, even beyond “you put data on this device and therefore we will search the entire thing”.
Indeed, my work laptop is heavily firewalled, always assumes to be on an unsafe network, and uses a vpn and zscaler. Say you are on an airport wifi - I wouldn't expect corporate IT to scan the neighboring devices. No way it's going to snoop around on my home network, that would just expose the machine.
Interesting perspective difference; I was referring to protecting the work computer from threats, not the home network from corporate. You must work at happy places…
Apparently you would also be surprised by how common it is to use a home printer, a home wifi access point, etc. and have IoT devices in the network. Corporate firewalls and scanners only protect against unauthorised connections and known threats; zero-day exploits can still be much more effective from a local network.
I have a pretty dim view of endpoint security, seeing it mostly as a thing that works against me rather than for me. I feel that any threat model that includes "zero-day exploits" is almost always poorly formed and sensationalist, rather than grounded in a genuine evaluation of security tradeoffs.