Heap Overflow Vulnerability in Netskope NS Client for Windows Systems
CVE-2025-5942

5.7 MEDIUM

Key Information:

Vendor: Netskope

CVE Published: 14 August 2025

What is CVE-2025-5942?

Netskope NS Client for Windows is susceptible to a heap overflow vulnerability in the epdlpdrv.sys driver. An unprivileged user can exploit this vulnerability to trigger a denial-of-service condition that results in a Blue-Screen-of-Death (BSOD). This is particularly relevant for configurations that use Endpoint DLP. Address this issue promptly to safeguard local machine stability and security.

Affected Version(s)

Netskope Client Windows 0 < 126.0.9, 129.0.0

CVSS V4

Score: 5.7
Severity: MEDIUM
Confidentiality: None
Integrity: None
Availability: High
Attack Vector: Local
Attack Complexity: Low
Attack Required: Physical
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Thomas Brice