Privilege Escalation Vulnerability in Netskope Client by Netskope
CVE-2020-24576

8.8HIGH

Key Information:

Vendor: Netskope
Status: Netskope
Vendor: CVE Published:; 12 August 2021

What is CVE-2020-24576?

The Netskope Client, prior to version 78, contains a vulnerability that permits low-privileged users to gain unauthorized access and elevate their privileges to NT AUTHORITY\SYSTEM. This could potentially allow attackers to perform actions with higher system privileges than they should have, heightening the risk of unauthorized system modifications and security breaches. Netskope has addressed this issue in their security advisory and recommends upgrading to the latest version.

References

https://www.netskope.com

x_refsource_MISC

https://www.netskope.com/company/security-compliance-and-...

x_refsource_MISC

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 12, 2021
Vulnerability Reserved
Aug 21, 2020

CVE-2020-24576 Data

JSON