CVE-2023-4996

CVE-2023-4996

Netskope was made aware of a security vulnerability in its NSClient product for version 100 & prior where a malicious non-admin user can disable the Netskope client by using a specially-crafted package. The root cause of the problem was a user control code when called by a Windows ServiceController did not validate the permissions associated with the user before executing the user control code. This user control code had permissions to terminate the NSClient service. 

Source: CVE-2023-4996

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다