Heap Overflow Vulnerability in Netskope Endpoint DLP's Content Control Driver
CVE-2024-11616
Key Information:
- Vendor
Netskope Inc.
- Status
- Vendor
- CVE Published:
- 19 December 2024
Badges
What is CVE-2024-11616?
CVE-2024-11616 is a critical heap overflow vulnerability affecting Netskope Endpoint DLP’s Content Control Driver. The issue stems from a double-fetch condition within the EpdlpSetUsbAction function, where the NumberOfBytes and Length arguments are derived independently from user-supplied input. This allows an attacker with administrative privileges to exploit the vulnerability by manipulating the length value between two calls, resulting in memory being copied outside the allocated buffer. This condition can lead to serious security risks, including potential system instability and unauthorized access. Users are advised to upgrade to the latest version to mitigate these threats.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Endpoint DLP Windows 118.0.0; 0
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
CVSS V4
Timeline
- 🟡
Public PoC available
- 👾
Exploit known to exist
Vulnerability published
Vulnerability Reserved