Tom Brice

**Name of the Vulnerable Software and Affected Versions** Netskope Client on Windows (affected versions not specified) **Description** A gap in the Endpoint DLP Module for Netskope Client on Windows systems allows an unprivileged user to trigger an out-of-bounds read within a driver. An out-of-bounds read occurs when a program reads data past the end of the intended buffer. This can lead to a Blue-Screen-of-Death (BSOD), resulting in a denial-of-service for the local machine. Exploitation requires the Endpoint DLP module to be enabled in the client configuration. **Recommendations** As a temporary workaround, consider disabling the Endpoint DLP module in the client configuration to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Netskope versions (affected versions not specified) **Description** A potential issue exists in the Netskope Endpoint DLP Module for Netskope Client on Windows systems. Successful exploitation may allow an unprivileged user to trigger an integer overflow within the filter communication port, potentially leading to a Blue-Screen-of-Death (BSOD). Successful exploitation requires the Endpoint DLP module to be enabled in the client configuration and can potentially result in a denial-of-service for the local machine. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Netskope Client versions (affected versions not specified) **Description** A potential gap exists in the Endpoint DLP Module for Netskope Client on Windows systems. Successful exploitation of this gap could allow a privileged user to trigger an integer overflow within the DLL Injector, potentially leading to a Blue-Screen-of-Death (BSOD). Exploitation requires the Endpoint DLP module to be enabled in the client configuration and could result in a denial-of-service for the local machine. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.