CVE-2025-5942

Summary

Netskope was notified about a potential gap in its agent (NS Client) on Windows systems. If this gap is successfully exploited, an unprivileged user can trigger a heap overflow in the epdlpdrv.sys driver, leading to a Blue-Screen-of-Death (BSOD). Successful exploitation can also potentially be performed by an unprivileged user whose NS Client is configured to use Endpoint DLP. A successful exploit can result in a denial-of-service for the local machine.

Affected Software

VendorProductVersion RangeStatus
NetskopeNetskope Client0 < 126.0.9, 129.0.0affected

Weaknesses

  • CWE-122: CWE-122 Heap-based Buffer Overflow

Workarounds

Some AV and EDR solutions may be able to detect the behaviors associated with exploiting this vulnerability.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References