CVE-2024-7402
BaseFortify
Publication date: 2025-08-14
Last updated on: 2025-08-15
Assigner: Netskope
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| netskope | netskope_client | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-354 | The product does not validate or incorrectly validates the integrity check values or "checksums" of a message. This may prevent it from detecting if the data has been modified or corrupted in transmission. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves a potential gap in the Netskope Client agent where a malicious insider with administrative privileges on the machine can perform a Man-in-the-Middle (MITM) attack on the communication channel of the Netskope Client. This could allow the attacker to tamper with the client's configuration, temporarily altering settings or permanently disabling or removing the agent from the machine.
How can this vulnerability impact me? :
If exploited, this vulnerability could allow an attacker with administrative access to alter the Netskope Client configuration or disable/remove the agent. This could lead to loss of security controls provided by the agent, potentially exposing the system to further attacks or data loss.