CVE-2025-11156 MEDIUM

CVE-2025-11156: Improper Service Loading Vulnerability in Netskope Endpoint DLP Driver

Vendor Netskope
Product Netskope Client
Weakness CWE-476
Published November 28, 2025
Last update November 28, 2025

CVSS base score

5.9/10
Attack vector Local
Attack complexity Low
Privileges required High
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:H

What the vulnerability does

01 Description

Netskope was notified about a potential gap in its agent (NS Client) on Windows systems. If this gap is successfully exploited, a local, authenticated user with Administrator privileges can improperly load the driver as a generic kernel service. This triggers the flaw, causing a system crash (Blue-Screen-of-Death) and resulting in a Denial of Service (DoS) for the affected machine.

Key dates

02 Disclosure timeline

November 28, 2025 CVE published
November 28, 2025 Record updated