Home

Description

Netskope was notified about a potential gap in its agent (NS Client) on Windows systems. If this gap is successfully exploited, an unprivileged user can trigger a heap overflow in the epdlpdrv.sys driver, leading to a Blue-Screen-of-Death (BSOD). Successful exploitation can also potentially be performed by an unprivileged user whose NS Client is configured to use Endpoint DLP. A successful exploit can result in a denial-of-service for the local machine.

PUBLISHED Reserved 2025-06-09 | Published 2025-08-14 | Updated 2025-08-18 | Assigner Netskope




MEDIUM: 5.7CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Problem types

CWE-122 Heap-based Buffer Overflow

Product status

Default status
unaffected

Any version before 126.0.9, 129.0.0
affected

Credits

Thomas Brice finder

References

www.netskope.com/...tskope-security-advisory-nskpsa-2025-003 vendor-advisory

cve.org (CVE-2025-5942)

nvd.nist.gov (CVE-2025-5942)

Download JSON