CVE-2024-7402

HIGH

Netskope Client - Privilege Escalation

Title source: llm

Description

Netskope has identified a potential gap in its agent (Netskope Client) in which a malicious insider can potentially tamper the Netskope Client configuration by performing MITM (Man-in-the-Middle) activity on the Netskope Client communication channel. A successful exploitation would require administrative privileges on the machine, and could result in temporarily altering the configuration of Netskope Client or permanently disabling or removing the agent from the machine.

References (1)

[Various Sources] https://www.netskope.com/company/security-compliance-and-assurance/security-advisories-and-disclosures/netskope-security-advisory-nskpsa-2024-002

Scores

CVSS v4 7.0

EPSS 0.0002

EPSS Percentile 4.1%

CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:H/SC:N/SI:H/SA:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-354

Status published

Products (1)

Netskope/Netskope Client < 123.0.16, 126.0.9, 129.0.0

Published Aug 14, 2025

Tracked Since Feb 18, 2026