Netskope Client Man-in-the-Middle Configuration Tampering Vulnerability

A vulnerability exists in the Netskope Client that allows a malicious insider to manipulate the application's configuration. This issue arises from potential Man-in-the-Middle (MITM) attacks on the communication channel used by the Netskope Client. Exploitation of this vulnerability requires administrative privileges on the affected machine and could lead to temporary changes in the client's configuration or the permanent removal or disabling of the agent.

Impact

Exploitation could result in unauthorized configuration changes to the Netskope Client or the permanent removal or disabling of the agent from the affected machine.

Remediation

Netskope has released a fix for this vulnerability in version R123(123.0.16), 126(126.0.9), R129 or higher. Administrators can enable the fix through the tenant UI. For instructions on downloading the updated client, visit the Netskope Support page.