2 matches found
CVE-2023-4996 Local privilege escalation
Netskope was made aware of a security vulnerability in its NSClient product for version 100 & prior where a malicious non-admin user can disable the Netskope client by using a specially-crafted package. The root cause of the problem was a user control code when called by a Windows ServiceControll...
CVE-2023-4996
Netskope NSClient (versions 100 and prior) is affected. The root cause is a permissions-check flaw in user control code invoked by Windows ServiceController, which allows a malicious non-admin user to terminate the NSClient service and effectively disable the client. Documents consistently state ...