2 matches found
CVE-2022-4149
CVE-2022-4149 affects Netskope client service on Windows older than R96. The service runs as SYSTEM and writes logs to C:\Users\Public\netSkope; a race condition during restart allows a local unprivileged user to create a logplaceholder file and set permissive ACLs. Once created with proper ACLs,...
CVE-2022-4149 Local privilege escalation using log file
The Netskope client service prior to R96 on Windows runs as NT AUTHORITY\SYSTEM which writes log files to a writable directory C:\Users\Public\netSkope for a standard user. The files are created and written with a SYSTEM account except one file logplaceholder which inherits permission giving all...