CVE-2025-15641

UNKNOWN 0.0

Netskope Client Exposed IOCTL with Insufficient Access Controls

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Netskope was notified about a potential gap in its Netskope Client for Windows systems where a malicious insider with administrative privileges can potentially tamper with the customer IOCTL by sending crafted IOCTL requests to the driver. A successful exploit can result in the bypassing of all anti-tampering protections for the NSClient.Affected Product(s) and Version(s) * Product Name: Netskope Client * Affected Platform: Windows * Affected Version: All version below R138

CWE	CWE-782
Vendor	netskope
Product	netskope client
Published	Jun 17, 2026
Last Updated	Jun 17, 2026

Stay Ahead of the Next One

Get instant alerts for netskope netskope client

Be the first to know when new unknown vulnerabilities affecting netskope netskope client are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Netskope / Netskope Client

0 < 138

References

NVD ↗ CVE.org ↗ EPSS Data ↗

netskope.com: https://www.netskope.com/resources/netskope-resources/netskope-security-advisory-nskpsa-2025-007

Credits

Netskope credits Juan Pablo Barriga for reporting this flaw.