CVE-2019-10882

Description

The Netskope client service, v57 before 57.2.0.219 and v60 before 60.2.0.214, running with NT\SYSTEM privilege, accepts network connections from localhost. The connection handling function in this service suffers from a stack based buffer overflow in "doHandshakefromServer" function. Local users can use this vulnerability to trigger a crash of the service and potentially cause additional impact on the system.

CVSS breakdown

CVSS 3.0

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Affected products

Netskope / Netskope ClientNetskope client 57.2.0.219 – Netskope client 57.2.0.219
Netskope / Netskope ClientNetskope client 60.2.0.214 – Netskope client 60.2.0.214
Netskope / Netskope Client54 – Netskope client*

References

MISChttps://support.netskope.com/hc/article_attachments/360033003553/Sprint_62_Release_Notes.pdf
MISChttps://support.netskope.com/hc/en-us/articles/360014589894-Netskope-Client
VENDOR_ADVISORYhttps://airbus-seclab.github.io/advisories/netskope.html