Description
Netskope was notified about a potential gap in its Endpoint DLP Module for Netskope Client on Windows systems. The successful exploitation of the gap can potentially allow an unprivileged user to trigger an integer overflow within the filter communication port, leading to a Blue-Screen-of-Death (BSOD). Successful exploitation would require the Endpoint DLP module to be enabled in the client configuration. A successful exploit can potentially result in a denial-of-service for the local machine.
Published: 2026-03-17
Score: 6.8 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service (Blue‑Screen‑of‑Death)
Action: Patch
AI Analysis

Impact

Netskope’s Endpoint DLP Module for the Netskope Client on Windows contains an integer‑overflow bug in the filter communication port. When triggered by an unprivileged user, the overflow can cause the system to crash with a Blue‑Screen‑of‑Death, resulting in a denial‑of‑service for the local machine. The weakness is classified as CWE‑190 (Integer Overflow or Wraparound).

Affected Systems

Affected systems include the Netskope Endpoint DLP Module for the Netskope Client on Windows. Specific version information is not provided in the vendor data; therefore, all installed versions of the module may be potentially impacted until the vendor releases a patch.

Risk and Exploitability

The vulnerability has a CVSS score of 6.8, indicating moderate severity. EPSS information is not available, and the vulnerability is not listed in CISA’s KEV catalog. The expected attack vector is a local user with unprivileged rights who can execute code on the target machine to trigger the integer overflow, leading to a BSOD. Given the lack of a publicly available exploit and the local nature of the attack, the likelihood of widespread exploitation is moderate but not negligible.

Generated by OpenCVE AI on March 17, 2026 at 20:20 UTC.

Remediation

Vendor Workaround

There are no direct workarounds. Some AV and EDR solutions may be able to detect the behaviors associated with exploiting this vulnerability.

OpenCVE Recommended Actions

  • Verify whether Netskope has released an update or patch for the Endpoint DLP Module and apply it immediately (vendor advisory).
  • If a patch is not yet available, consider disabling the Endpoint DLP Module in the client configuration to prevent the overflow from being exercised.
  • Deploy antivirus and EDR solutions that can detect exploitation behaviors associated with this vulnerability, as the vendor notes that some security solutions may identify related activity.
  • Continuously monitor the system for BSOD events and investigate any incidents promptly.

Generated by OpenCVE AI on March 17, 2026 at 20:20 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 18 Mar 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 18 Mar 2026 12:15:00 +0000

Type Values Removed Values Added
First Time appeared Netskope
Netskope endpoint Dlp Module For Netskope Client
Vendors & Products Netskope
Netskope endpoint Dlp Module For Netskope Client

Tue, 17 Mar 2026 19:30:00 +0000

Type Values Removed Values Added
Description Netskope was notified about a potential gap in its Endpoint DLP Module for Netskope Client on Windows systems. The successful exploitation of the gap can potentially allow an unprivileged user to trigger an integer overflow within the filter communication port, leading to a Blue-Screen-of-Death (BSOD). Successful exploitation would require the Endpoint DLP module to be enabled in the client configuration. A successful exploit can potentially result in a denial-of-service for the local machine.
Title Endpoint DLP Driver Filter Communication Port Integer Overflow
Weaknesses CWE-190
References
Metrics cvssV4_0

{'score': 6.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Netskope Endpoint Dlp Module For Netskope Client
cve-icon MITRE

Status: PUBLISHED

Assigner: Netskope

Published:

Updated: 2026-03-18T14:04:02.449Z

Reserved: 2026-02-18T22:27:08.617Z

Link: CVE-2025-15584

cve-icon Vulnrichment

Updated: 2026-03-18T14:03:58.794Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-03-17T20:16:10.503

Modified: 2026-03-18T14:52:44.227

Link: CVE-2025-15584

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-24T10:54:47Z

Weaknesses