CVE-2025-5941
BaseFortify
Publication date: 2025-08-14
Last updated on: 2025-08-14
Assigner: Netskope
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| netskope | client | r129 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-125 | The product reads data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves a potential memory leak in the Netskope agent (NS Client) that can be triggered by a malicious actor sending a specially crafted DNS packet to a machine. Exploiting this issue may require administrative privileges depending on the system configuration. If successfully exploited, it can cause user-controllable memory to be leaked in a domain name stored on the local machine.
How can this vulnerability impact me? :
The impact of this vulnerability is a potential memory leak on the affected machine, which could lead to unintended exposure of memory contents related to domain names stored locally. This could affect system stability or confidentiality of certain data. Exploitation requires administrative privileges, so the risk depends on the attacker's access level.