Netskope was notified about a potential gap in its agent (NS Client) on Windows systems. If this gap is successfully exploited, an unprivileged user can trigger a heap overflow in the epdlpdrv.sys driver, leading to a Blue-Screen-of-Death (BSOD). Successful exploitation can also potentially be performed by an unprivileged user whose NS Client is configured to use Endpoint DLP. A successful exploit can result in a denial-of-service for the local machine.
Fixes

Solution

Update the Netskope Client to version 129.0.0 or newer, or to the hotfix version of 126.0.9.


Workaround

Some AV and EDR solutions may be able to detect the behaviors associated with exploiting this vulnerability.

History

Mon, 18 Aug 2025 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 15 Aug 2025 08:15:00 +0000

Type Values Removed Values Added
First Time appeared Netskope
Netskope netskope
Vendors & Products Netskope
Netskope netskope

Thu, 14 Aug 2025 04:45:00 +0000

Type Values Removed Values Added
Description Netskope was notified about a potential gap in its agent (NS Client) on Windows systems. If this gap is successfully exploited, an unprivileged user can trigger a heap overflow in the epdlpdrv.sys driver, leading to a Blue-Screen-of-Death (BSOD). Successful exploitation can also potentially be performed by an unprivileged user whose NS Client is configured to use Endpoint DLP. A successful exploit can result in a denial-of-service for the local machine.
Title Heap Overflow in Netskope Endpoint DLP Driver
Weaknesses CWE-122
References
Metrics cvssV4_0

{'score': 5.7, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Netskope

Published:

Updated: 2025-08-18T16:45:47.540Z

Reserved: 2025-06-09T16:38:43.986Z

Link: CVE-2025-5942

cve-icon Vulnrichment

Updated: 2025-08-18T16:45:42.841Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-08-14T05:15:26.967

Modified: 2025-08-14T13:11:53.633

Link: CVE-2025-5942

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-08-14T12:59:56Z