RSS   Vulnerabilities for 'Netskope'   RSS

2021-08-12
 
CVE-2020-24576

CWE-269
 

 
Netskope Client through 77 allows low-privileged users to elevate their privileges to NT AUTHORITY\SYSTEM.

 
2019-09-26
 
CVE-2019-12091

CWE-78
 

 
The Netskope client service, v57 before 57.2.0.219 and v60 before 60.2.0.214, running with NT\SYSTEM privilege, accepts network connections from localhost. The connection handling function in this service suffers from command injection vulnerability. Local users can use this vulnerability to execute code with NT\SYSTEM privilege.

 
 
CVE-2019-10882

CWE-120
 

 
The Netskope client service, v57 before 57.2.0.219 and v60 before 60.2.0.214, running with NT\SYSTEM privilege, accepts network connections from localhost. The connection handling function in this service suffers from a stack based buffer overflow in "doHandshakefromServer" function. Local users can use this vulnerability to trigger a crash of the service and potentially cause additional impact on the system.

 


Copyright 2024, cxsecurity.com

 

Back to Top