Privilege Escalation Vulnerability in Netskope Client for Mac OS
CVE-2024-13177

5.2MEDIUM

Key Information:

Vendor: Netskope
Status: Netskope Client
Vendor: CVE Published:; 15 April 2025

What is CVE-2024-13177?

A vulnerability exists in the Netskope Client for Mac OS, where the postinstall script fails to adequately validate the path of the 'nsinstallation' file. This oversight allows a standard user to create a symbolic link to the 'nsinstallation' file, potentially granting elevated privileges to another file within the system. Remediation measures should be taken for versions prior to 123.0, 117.1.11.2310, and 120.1.10.2306 to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Netskope Client MacOS 0 < 123.0

Netskope Client MacOS 0 < 117.1.11.2310

Netskope Client MacOS 0 < 120.1.10.2306

References

https://support.netskope.com/s/article/Netskope-Security-...

CVSS V4

Score:

5.2

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Apr 15, 2025
Vulnerability Reserved
Jan 7, 2025

Credit

Max Keasley

JSON

Netskope

What is CVE-2024-13177?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V4

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.