Netskope Client Windows IOCTL Insufficient Access Controls Bypass (CVE-2025-15641)

Vulnerability Overview Vulnerability Name: Netskope Client Exposed IOCTL with Insufficient Access Controls Vulnerability ID: NSKPSA-2025-007 CVE Number: CVE-2025-15641 Publication Date: June 16, 2026 Description: Netskope has identified a potential security vulnerability in its Windows client. Malicious insider attackers can send specially crafted IOCTL requests to the driver to tamper with customer IOCTLs with administrative privileges. Successful exploitation of this vulnerability allows bypassing all anti-tampering protections. Scope of Impact Affected Product: Netskope Client Affected Platform: Windows Affected Versions: All versions prior to R138 Remediation Patch Version: R138 and later Download Link: Netskope Client and Scripts Additional Information Workarounds: No temporary solutions are currently available. Best Practices: It is recommended to use the security hardening options available in the product and configure them to enhance the security of the Netskope tenant. Exploitation Status: Netskope is not currently aware of any active exploitation targeting this vulnerability. Credits: Netskope thanks Juan Pablo Barriga for reporting this vulnerability. Revision History Version: 1.0 Date: June 16, 2026 Remarks: Initial release Legal Disclaimer Information is provided "as is" without any express or implied warranties. The user assumes all risk associated with the use of the information or linked materials contained in this notice. About Netskope Netskope (NASDAQ: NTK) is a modern security and networking leader for the cloud and AI era, providing optimized access and real-time, context-aware AI ecosystem security for proxies, applications, tools, LLMs, people, devices, and data. Contact Information Phone: 1-800-979-6988 Address: 2445 Augustine Dr. 3rd floor, Santa Clara, CA 95054 Subscribe to Netskope Subscription options are available, allowing users to subscribe to the latest updates from Netskope. Social Media Links are provided for LinkedIn, X (formerly Twitter), and Instagram. Privacy and Compliance Links are provided for the Privacy Policy, Vulnerability Disclosure Policy, Terms of Use, and CCPA Compliance Statement. Copyright © 2026, All rights reserved. --- Note: No POC code or exploitation code is included in this document.

Goal Reached Thanks to every supporter — we hit 100%!

Netskope Client Windows IOCTL Insufficient Access Controls Bypass (CVE-2025-15641)