Netskope Client Heap Overflow Vulnerability in Windows Endpoint DLP Driver Leading to Denial-of-Service
Vulnerability
A heap overflow vulnerability has been identified in the Netskope Client's Endpoint DLP driver on Windows systems. This vulnerability allows an unprivileged user to cause a heap overflow in the epdlpdrv.sys driver, resulting in a Blue Screen of Death (BSOD). The issue affects all Netskope Client versions prior to R129, with the exception of R126.0.9 and above. The vulnerability can be exploited by unprivileged users whose Netskope Client is configured to use Endpoint DLP.
Impact
Exploitation of this vulnerability causes a denial-of-service condition on the local machine, leading to a Blue Screen of Death (BSOD).
Remediation
Netskope has released a security patch for this vulnerability. Users can update to version R129 or above, or to R126.0.9 and above, where the patch has been backported. Instructions for downloading the updated Netskope Client are available on the Netskope Support website.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.