A vulnerability was reported in Netskope Client for Windows, where a malicious insider with admin privileges can bypass NSClient Tamper Protections. This is due to weak Discretionary Access Control List (DACLs) on the service object and related registry keys. The affected product is Netskope Client, and the affected platform is Windows, with all versions below R138 being vulnerable.
A potential gap was found in the Netskope Client for Windows systems, allowing a malicious insider with administrative privileges to tamper with the customer IOCTL by sending crafted IOCTL requests to the driver, effectively bypassing all anti-tampering protections for the NSClient. This vulnerability exists in the Netskope Client for Windows, where an administrative insider can send crafted IOCTL request [truncated]