Description
Netskope was notified about a potential gap in its Netskope Client for Windows systems where a malicious insider with admin privileges can bypass the NSClient Tamper Protections due to weak Discretionary Access Control Lists (DACLs) on the service object and related registry keys.
* Product Name: Netskope Client
* Affected Platform: Windows
* Affected Version: All versions below R138
Published: 2026-06-17
Score: 6.8 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A weakness in the discretionary access control lists (DACLs) on the Netskope Client service object and related registry keys allows a malicious insider who already has administrative privileges to bypass the NSClient tamper protections. By doing so, an attacker could modify, replace, or otherwise tamper with the client binary or its configuration, potentially compromising the integrity and reliability of the client and the data it handles. The flaw does not directly provide remote code execution, but it enables unauthorized changes that could lead to further compromise.

Affected Systems

The vulnerability applies to the Netskope Client for Windows, affecting all released versions lower than R138. It applies to any installation on Windows platforms where the service object and associated registry keys have the weak permission settings described.

Risk and Exploitability

The CVSS score of 6.8 reflects a moderate severity. Because the EPSS score is less than 1 percent and the issue is not listed in CISA KEV, the likelihood of exploitation is considered low. However, the attack requires a local attacker with administrative rights, making it a concern for environments where insider threats are possible. Exploitation would involve modifying the client or its registry settings to bypass tamper protection, which could undermine the trust model of the monitoring solution.

Generated by OpenCVE AI on June 17, 2026 at 17:51 UTC.

Remediation

Vendor Solution

Use any of the following versions of Netskope Client:
* R138 and above
* R135 (135.1.19.2670 and above)
* R132 (132.0.27.2671 and above)


Vendor Workaround

No workaround available


OpenCVE Recommended Actions

  • Upgrade the Netskope Client to version R138 or later;
  • If R138 is unavailable, upgrade to version R135.1.19.2670 or later;
  • If neither of the above can be applied, upgrade to version R132.0.27.2671 or later.
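The fixed-version rules above can be applied to a client inventory export. The following Python sketch is an added example, not vendor or OpenCVE code. It assumes versions are reported as four-part dotted builds (as in 135.1.19.2670), that a higher build within the same branch is a later release, and that branches without a listed fix (such as 133 or 136) remain affected; hostnames and sample builds are constructed.

```python
import re

# Fixed builds taken from the advisory's "Vendor Solution" list.
FIXED_MAJOR = 138                       # R138 and above
BACKPORTS = {
    135: (135, 1, 19, 2670),            # fixed build on the R135 branch
    132: (132, 0, 27, 2671),            # fixed build on the R132 branch
}

def parse_version(text):
    """Parse 'R138' or a dotted build such as '135.1.19.2670' into a 4-tuple."""
    m = re.fullmatch(r"[Rr]?(\d+(?:\.\d+){0,3})", text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    parts = [int(p) for p in m.group(1).split(".")]
    return tuple(parts + [0] * (4 - len(parts)))

def is_fixed(text):
    """True when the build is at or above a fixed release for its branch."""
    v = parse_version(text)
    if v[0] >= FIXED_MAJOR:
        return True
    floor = BACKPORTS.get(v[0])
    # Assumption: branches with no listed backport count as affected.
    return floor is not None and v >= floor

def triage(inventory):
    """Return the sorted hostnames whose client still needs an upgrade."""
    needs_upgrade = []
    for host, version in inventory.items():
        try:
            fixed = is_fixed(version)
        except ValueError:
            fixed = False               # unparseable entries are flagged, not skipped
        if not fixed:
            needs_upgrade.append(host)
    return sorted(needs_upgrade)

# Constructed sample inventory (hostnames and builds are made up).
SAMPLE = {
    "ws-001": "138.0.0.2700", "ws-002": "135.1.19.2670",
    "ws-003": "135.1.19.2669", "ws-004": "132.0.27.2671",
    "ws-005": "136.2.1.2800", "ws-006": "132.0.26.9999",
    "ws-007": "unknown",
}

if __name__ == "__main__":
    print(triage(SAMPLE))
```

A bare branch label such as "R135" carries no build number, so the check treats it as below the fixed build and flags it for manual review.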

Advisories

No advisories yet.

History

Thu, 18 Jun 2026 04:45:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 17 Jun 2026 05:15:00 +0000

Type Values Removed Values Added
Description Netskope was notified about a potential gap in its Netskope Client for Windows systems where a malicious insider with admin privileges can bypass the NSClient Tamper Protections due to weak Discretionary Access Control Lists (DACLs) on the service object and related registry keys. * Product Name: Netskope Client * Affected Platform: Windows * Affected Version: All versions below R138
Title Netskope Client Service Insufficient Access Controls
Weaknesses CWE-276
References
Metrics cvssV4_0

{'score': 6.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: Netskope

Published:

Updated: 2026-06-17T14:54:51.217Z

Reserved: 2026-04-22T15:49:44.526Z

Link: CVE-2025-15642

Vulnrichment

Updated: 2026-06-17T14:54:41.537Z

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-17T18:00:04Z

Weaknesses
  • CWE-276

    Incorrect Default Permissions