Netskope Client Improper Service Loading Vulnerability on Windows Systems Leading to Denial-of-Service

Vulnerability

A vulnerability exists in the Netskope Client Endpoint DLP driver on Windows that allows local, authenticated users with Administrator privileges to improperly load the driver as a generic kernel service. Loading the driver this way triggers a null-pointer dereference, which crashes the system (Blue Screen of Death) and results in a denial-of-service condition on the affected machine. All versions prior to R132 are vulnerable.

Impact

Exploitation of this vulnerability causes a system crash, leading to a denial-of-service condition on the affected machine.

Remediation

Netskope has released a patch for this vulnerability in version R132. Customers are advised to update to this version or later. Those using the Fail-Safe feature should update to R132.0.7 or later. Instructions for downloading the updated client are available on the Netskope Support website.

Added: Nov 28, 2025, 3:20 PM
Updated: Nov 28, 2025, 3:20 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 2.8
remediation: 7.7
relevance: 1.2
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.