A serious security vulnerability in Netskope’s Windows client has been discovered that could allow attackers to escalate privileges from a low-privileged user to full system-level access.
The flaw, tracked as CVE-2025-0309, affects all versions of the Netskope Windows client prior to version R129 and has prompted the company to release urgent security updates.
Exploiting Rogue Server Trust
The vulnerability centers around the Netskope client’s enrollment process, which security researchers Richard Warren and David Cash from Amber Wolf found could be manipulated through a sophisticated attack chain.
The exploit takes advantage of the communication between the low-privileged client UI process (stAgentUI) and the privileged service (stAgentSvc) that runs with SYSTEM privileges.
The attack process involves several key steps:
- Attackers craft a specially formatted JSON Web Token (JWT) containing a rogue server URL.
- The malicious token is sent through the client’s Inter-Process Communication (IPC) channel using command ID 148.
- The privileged service begins making requests to the attacker’s fake server instead of legitimate Netskope infrastructure.
- The rogue server responds with malicious configurations and installs a fraudulent certificate authority.
- A backdoored software update is served that appears legitimate due to the compromised trust chain.
Once the privileged service is talking to the rogue server, that server controls both the configuration channel and the update channel: it can instruct the client to install a fraudulent certificate authority in the system’s trusted root store and then serve a backdoored software update.
Since the attacker controls the certificate authority, they can sign malicious software installers that appear legitimate to the client’s security checks.
The client’s built-in protections, including signature verification and digest checking, can be bypassed since the attacker has complete control over both the signing certificates and the server responses.
Evasion Techniques Defeat Security
The researchers discovered multiple ways to circumvent Netskope’s security protections. The client attempts to authenticate IPC callers by checking that requests come from legitimate Netskope processes located in protected directories.
However, this protection can be bypassed by injecting code into approved processes like nsdiag.exe and using them as a proxy for malicious IPC communications.
Even Netskope’s “Tamper Proof” feature, designed to prevent unauthorized access to protected processes through kernel-level driver protections, can be defeated.
The researchers developed a technique that creates a new Netskope process in a suspended state, overwrites critical system functions with malicious code, and then resumes execution to load their attack payload.
Additionally, newer versions of the client that encrypt IPC communications are not immune to this attack.
The encryption uses easily obtainable values from the Windows registry as the encryption key and initialization vector, allowing attackers to decrypt and forge encrypted messages.
Netskope Issues Patches and Guidance
Netskope has taken swift action to address this critical vulnerability. On August 13, 2025, the company released version R129 of their Windows client, which implements a hardcoded allowlist of legitimate Netskope domains to prevent enrollment with rogue servers.
The company also published security advisory NSKPSA-2025-002 providing detailed information about the vulnerability.
Organizations using Netskope are strongly advised to update to version R129 immediately.
The company has also provided detection methods for security teams: monitor the trusted root store for suspicious certificates, watch for unusual MSI installations initiated by the Netskope service, and review the client’s log files for unexpected addon URLs or tenant IDs, any of which could indicate a compromise attempt.
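The two defensive measures above, a strict server-domain allowlist like the one R129 introduces and a review of client logs for unexpected addon URLs or tenant IDs, are illustrated by the following added example. It is not Netskope’s code: the allowed domains, tenant IDs and the `addonUrl=... tenantId=...` log format are all assumed placeholders, and the sample log lines are constructed.

```python
"""Allowlist check for enrollment server URLs, modelled on the R129 fix, plus a
review of constructed client log lines for addon URLs / tenant IDs outside it.
Domain names, tenant IDs and the log format are assumptions, not real values."""
import re
from urllib.parse import urlsplit

# Assumed allowlist: the real R129 allowlist is hardcoded in the client and is
# not published on the page, so these are placeholders.
ALLOWED_DOMAINS = ("addon.vendor.example", "gateway.vendor.example")
ALLOWED_TENANTS = {"tenant-001", "tenant-002"}

def host_allowed(url, allowed=ALLOWED_DOMAINS):
    """True only if url is https and its parsed hostname is an allowed domain or
    a subdomain of one. Matching the parsed hostname rather than searching the
    raw string for a substring defeats 'allowed.example.attacker.test' and
    'https://allowed.example@evil-host/' style lookalikes."""
    try:
        parts = urlsplit(url)
    except ValueError:
        return False
    if parts.scheme != "https" or not parts.hostname:
        return False
    host = parts.hostname.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in allowed)

# Assumed log format; adapt the pattern to the real client log layout.
LOG_RE = re.compile(r"addonUrl=(?P<url>\S+)\s+tenantId=(?P<tenant>\S+)")

def review_log(lines):
    """Flag log lines whose addon URL host or tenant ID falls outside the
    allowlist. Returns a list of (line_no, reason) tuples."""
    findings = []
    for n, line in enumerate(lines, 1):
        m = LOG_RE.search(line)
        if not m:
            continue
        if not host_allowed(m["url"]):
            findings.append((n, "unexpected addon URL host: " + m["url"]))
        if m["tenant"] not in ALLOWED_TENANTS:
            findings.append((n, "unexpected tenant ID: " + m["tenant"]))
    return findings

# Constructed sample log lines (not real client output).
SAMPLE_LOG = [
    "enroll addonUrl=https://addon.vendor.example/v2/config tenantId=tenant-001",
    "enroll addonUrl=https://addon.vendor.example.attacker.test/cfg tenantId=tenant-001",
    "enroll addonUrl=https://addon.vendor.example@203.0.113.9/cfg tenantId=tenant-001",
    "enroll addonUrl=http://addon.vendor.example/v2/config tenantId=tenant-999",
]

if __name__ == "__main__":
    for n, reason in review_log(SAMPLE_LOG):
        print(f"line {n}: {reason}")
```

Running it flags lines 2, 3 and 4 of the constructed log (the lookalike host, the userinfo trick, and the plaintext URL with an unknown tenant) while the first line passes.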
This vulnerability highlights the complex security challenges facing enterprise security software, where the need for privileged system access to provide protection can also create attractive targets for attackers.
The sophisticated nature of this attack, requiring deep technical knowledge of the client’s architecture and communication protocols, suggests it would primarily be of interest to advanced persistent threat actors or security researchers rather than common cybercriminals.