CVE-2024-7402 (GCVE-0-2024-7402)
Vulnerability from cvelistv5
Published
2025-08-14 04:32
Modified
2025-08-15 12:58
Severity ?
7.0 (High) - CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:H/SC:N/SI:H/SA:H
CWE
Summary
Netskope has identified a potential gap in its agent (Netskope Client) in which a malicious insider can potentially tamper the Netskope Client configuration by performing MITM (Man-in-the-Middle) activity on the Netskope Client communication channel. A successful exploitation would require administrative privileges on the machine, and could result in temporarily altering the configuration of Netskope Client or permanently disabling or removing the agent from the machine.
References
psirt@netskope.comhttps://www.netskope.com/company/security-compliance-and-assurance/security-advisories-and-disclosures/netskope-security-advisory-nskpsa-2024-002
Impacted products
Vendor Product Version
Netskope Netskope Client Version: 0   < 123.0.16, 126.0.9, 129.0.0
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-7402",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-15T12:28:14.675484Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-354",
                "description": "CWE-354 Improper Validation of Integrity Check Value",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-15T12:58:40.808Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Netskope Client",
          "vendor": "Netskope",
          "versions": [
            {
              "lessThan": "123.0.16, 126.0.9, 129.0.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Sander de Wit"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Netskope has identified a potential gap in its agent (Netskope Client) in which a malicious insider can potentially tamper the Netskope Client configuration by performing MITM (Man-in-the-Middle) activity on the Netskope Client communication channel. A successful exploitation would require administrative privileges on the machine, and could result in temporarily altering the configuration of Netskope Client or permanently disabling or removing the agent from the machine. \u003cbr\u003e\u003cbr\u003e"
            }
          ],
          "value": "Netskope has identified a potential gap in its agent (Netskope Client) in which a malicious insider can potentially tamper the Netskope Client configuration by performing MITM (Man-in-the-Middle) activity on the Netskope Client communication channel. A successful exploitation would require administrative privileges on the machine, and could result in temporarily altering the configuration of Netskope Client or permanently disabling or removing the agent from the machine."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "LOCAL",
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "privilegesRequired": "HIGH",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:H/SC:N/SI:H/SA:H",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-354",
              "description": "CWE-354",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-14T04:32:41.870Z",
        "orgId": "bf992f6a-e49d-4e94-9479-c4cff32c62bc",
        "shortName": "Netskope"
      },
      "references": [
        {
          "url": "https://www.netskope.com/company/security-compliance-and-assurance/security-advisories-and-disclosures/netskope-security-advisory-nskpsa-2024-002"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Customers can apply the fix by enabling the \u201cSecure Configuration\u201d option from the tenant under Settings -\u0026gt; Security Cloud Platform -\u0026gt; Netskope Client -\u0026gt; MDM Distribution -\u0026gt; Secure Enrollment page.  Customers are recommended to upgrade the Netskope Client to the latest versions of  R123, R126, R129 or higher and adopt \u201cNetskope Client Secure Configuration Service\u201d for APIs."
            }
          ],
          "value": "Customers can apply the fix by enabling the \u201cSecure Configuration\u201d option from the tenant under Settings -\u003e Security Cloud Platform -\u003e Netskope Client -\u003e MDM Distribution -\u003e Secure Enrollment page.  Customers are recommended to upgrade the Netskope Client to the latest versions of  R123, R126, R129 or higher and adopt \u201cNetskope Client Secure Configuration Service\u201d for APIs."
        }
      ],
      "source": {
        "advisory": "NSKPSA-2024-002",
        "discovery": "EXTERNAL"
      },
      "title": "Netskope Client Configuration Tampering with Local MITM",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Prevent users from installing or adding 3rd party certificates in their machine\u0027s Operating System trust store. This will prevent users from performing MITM and tampering with configurations."
            }
          ],
          "value": "Prevent users from installing or adding 3rd party certificates in their machine\u0027s Operating System trust store. This will prevent users from performing MITM and tampering with configurations."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "bf992f6a-e49d-4e94-9479-c4cff32c62bc",
    "assignerShortName": "Netskope",
    "cveId": "CVE-2024-7402",
    "datePublished": "2025-08-14T04:32:41.870Z",
    "dateReserved": "2024-08-02T07:21:12.054Z",
    "dateUpdated": "2025-08-15T12:58:40.808Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-7402\",\"sourceIdentifier\":\"psirt@netskope.com\",\"published\":\"2025-08-14T05:15:26.010\",\"lastModified\":\"2025-08-15T13:15:30.237\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Netskope has identified a potential gap in its agent (Netskope Client) in which a malicious insider can potentially tamper the Netskope Client configuration by performing MITM (Man-in-the-Middle) activity on the Netskope Client communication channel. A successful exploitation would require administrative privileges on the machine, and could result in temporarily altering the configuration of Netskope Client or permanently disabling or removing the agent from the machine.\"},{\"lang\":\"es\",\"value\":\"Netskope ha identificado una posible vulnerabilidad en su agente (Cliente Netskope) que permite a un usuario malicioso manipular la configuraci\u00f3n del Cliente Netskope mediante una actividad de intermediario (MITM) en el canal de comunicaci\u00f3n del Cliente Netskope. Una explotaci\u00f3n exitosa requerir\u00eda privilegios administrativos en el equipo y podr\u00eda resultar en la alteraci\u00f3n temporal de la configuraci\u00f3n del Cliente Netskope o la desactivaci\u00f3n o eliminaci\u00f3n permanente del agente del equipo.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"psirt@netskope.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:H/SC:N/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":7.0,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"PRESENT\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"LOW\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"HIGH\",\"subAvailabilityImpact\":\"HIGH\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}]},\"weaknesses\":[{\"source\":\"psirt@netskope.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-354\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-354\"}]}],\"references\":[{\"url\":\"https://www.netskope.com/company/security-compliance-and-assurance/security-advisories-and-disclosures/netskope-security-advisory-nskpsa-2024-002\",\"source\":\"psirt@netskope.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"cna\": {\"title\": \"Netskope Client Configuration Tampering with Local MITM\", \"source\": {\"advisory\": \"NSKPSA-2024-002\", \"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"reporter\", \"value\": \"Sander de Wit\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 7, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:H/SC:N/SI:H/SA:H\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"PRESENT\", \"privilegesRequired\": \"HIGH\", \"subIntegrityImpact\": \"HIGH\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"HIGH\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"LOW\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Netskope\", \"product\": \"Netskope Client\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"123.0.16, 126.0.9, 129.0.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Customers can apply the fix by enabling the \\u201cSecure Configuration\\u201d option from the tenant under Settings -\u003e Security Cloud Platform -\u003e Netskope Client -\u003e MDM Distribution -\u003e Secure Enrollment page.  Customers are recommended to upgrade the Netskope Client to the latest versions of  R123, R126, R129 or higher and adopt \\u201cNetskope Client Secure Configuration Service\\u201d for APIs.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Customers can apply the fix by enabling the \\u201cSecure Configuration\\u201d option from the tenant under Settings -\u0026gt; Security Cloud Platform -\u0026gt; Netskope Client -\u0026gt; MDM Distribution -\u0026gt; Secure Enrollment page.  Customers are recommended to upgrade the Netskope Client to the latest versions of  R123, R126, R129 or higher and adopt \\u201cNetskope Client Secure Configuration Service\\u201d for APIs.\", \"base64\": false}]}], \"references\": [{\"url\": \"https://www.netskope.com/company/security-compliance-and-assurance/security-advisories-and-disclosures/netskope-security-advisory-nskpsa-2024-002\"}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Prevent users from installing or adding 3rd party certificates in their machine\u0027s Operating System trust store. This will prevent users from performing MITM and tampering with configurations.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Prevent users from installing or adding 3rd party certificates in their machine\u0027s Operating System trust store. This will prevent users from performing MITM and tampering with configurations.\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Netskope has identified a potential gap in its agent (Netskope Client) in which a malicious insider can potentially tamper the Netskope Client configuration by performing MITM (Man-in-the-Middle) activity on the Netskope Client communication channel. A successful exploitation would require administrative privileges on the machine, and could result in temporarily altering the configuration of Netskope Client or permanently disabling or removing the agent from the machine.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Netskope has identified a potential gap in its agent (Netskope Client) in which a malicious insider can potentially tamper the Netskope Client configuration by performing MITM (Man-in-the-Middle) activity on the Netskope Client communication channel. A successful exploitation would require administrative privileges on the machine, and could result in temporarily altering the configuration of Netskope Client or permanently disabling or removing the agent from the machine. \u003cbr\u003e\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-354\", \"description\": \"CWE-354\"}]}], \"providerMetadata\": {\"orgId\": \"bf992f6a-e49d-4e94-9479-c4cff32c62bc\", \"shortName\": \"Netskope\", \"dateUpdated\": \"2025-08-14T04:32:41.870Z\"}}, \"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-7402\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-08-15T12:28:14.675484Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-354\", \"description\": \"CWE-354 Improper Validation of Integrity Check Value\"}]}], \"providerMetadata\": {\"shortName\": \"CISA-ADP\", \"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"dateUpdated\": \"2025-08-15T12:28:25.743Z\"}}]}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-7402\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-08-14T04:32:41.870Z\", \"dateReserved\": \"2024-08-02T07:21:12.054Z\", \"assignerOrgId\": \"bf992f6a-e49d-4e94-9479-c4cff32c62bc\", \"datePublished\": \"2025-08-14T04:32:41.870Z\", \"assignerShortName\": \"Netskope\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.