CVE-2025-0309

Published: Aug 14, 2025

Modified: Aug 15, 2025

PUBLISHED

Description

An insufficient validation on the server connection endpoint in Netskope Client allows local users to elevate privileges on the system. The insufficient validation allows Netskope Client to connect to any other server with Public Signed CA TLS certificates and send specially crafted responses to elevate privileges.

Vendor	Product	Versions
Netskope	Netskope Client	affected `0 - < 129.0.0`

References

https://blog.amberwolf.com/blog/2025/august/breaking-into-your-network-zer0-effort/

third-party-advisory

https://www.netskope.com/company/security-compliance-and-assurance/security-advisories-and-disclosures/netskope-security-advisory-nskpsa-2025-002

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-0309

Description

Affected Products

References