CVE-2025-15641— Netskope Client Exposed IOCTL with Insufficient Access Controls
Possible ATT&CK Techniques 2AI
T1055 · Process Injection T1068 · Exploitation for Privilege EscalationAffected Version Matrix 1
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Netskope | Netskope Client | < 138 | affected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-15641
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Netskope Client Exposed IOCTL with Insufficient Access Controls
Source: NVD (National Vulnerability Database)
Vulnerability Description
Netskope was notified about a potential gap in its Netskope Client for Windows systems where a malicious insider with administrative privileges can potentially tamper with the customer IOCTL by sending crafted IOCTL requests to the driver. A successful exploit can result in the bypassing of all anti-tampering protections for the NSClient.Affected Product(s) and Version(s) * Product Name: Netskope Client * Affected Platform: Windows * Affected Version: All version below R138
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
无充分访问控制条件下暴露IOCTL
Source: NVD (National Vulnerability Database)
Vulnerability Title
Netskope Client 权限许可和访问控制问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Netskope Client是Netskope公司的一款用于连接管理Netskope云平台的客户端程序。 Netskope Client R138之前版本存在权限许可和访问控制问题漏洞,该漏洞源于潜在IOCTL处理问题,可能导致具有管理员权限的恶意内部人员发送特制IOCTL请求到驱动程序,从而绕过NSClient的所有防篡改保护。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Netskope | Netskope Client | 0 ~ 138 | - |
II. Public POCs for CVE-2025-15641
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-15641
请登录查看更多情报信息。
Vendor Advisories for CVE-2025-15641 (1)
IV. Related Vulnerabilities
Same product: Netskope Client
- CVE-2025-15642
Netskope Client Service Insufficient Access Controls - CVE-2025-11156
Improper Service Loading Vulnerability in Netskope Endpoint - CVE-2025-5942
Heap Overflow in Netskope Endpoint DLP Driver - CVE-2025-0309
Netskope Client Local Elevation of Privileges - CVE-2025-5941
Out-of-Bounds Read Vulnerability in Netskope Client
Same vendor: Netskope
- CVE-2025-15642
Netskope Client Service Insufficient Access Controls - CVE-2026-2810
Endpoint DLP Driver Out-of-Bounds Read - CVE-2026-2809
Endpoint DLP Driver DLL - CVE-2025-15584
Endpoint DLP Driver Filter Communication Port Integer Overfl - CVE-2025-11156
Improper Service Loading Vulnerability in Netskope Endpoint
V. Comments for CVE-2025-15641
No comments yet