CVE-2024-7402 | THREATINT

Description

Netskope has identified a potential gap in its agent (Netskope Client) in which a malicious insider can potentially tamper the Netskope Client configuration by performing MITM (Man-in-the-Middle) activity on the Netskope Client communication channel. A successful exploitation would require administrative privileges on the machine, and could result in temporarily altering the configuration of Netskope Client or permanently disabling or removing the agent from the machine.

PUBLISHED Reserved 2024-08-02 | Published 2025-08-14 | Updated 2025-08-15 | Assigner Netskope

HIGH: 7.0CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:H/SC:N/SI:H/SA:H

Problem types

CWE-354

Product status

Default status

unaffected

Any version before 123.0.16, 126.0.9, 129.0.0

affected

Credits

Sander de Wit reporter

References

www.netskope.com/...tskope-security-advisory-nskpsa-2024-002

cve.org (CVE-2024-7402)

nvd.nist.gov (CVE-2024-7402)

Download JSON