CVE-2024-13177 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Netskope Client on Mac OS is impacted by a vulnerability in which the postinstall script does not properly validate the path of the file “nsinstallation”. A sta…
Medium CVSS: 5.2

CVE-2024-13177

Netskope Client on Mac OS is impacted by a vulnerability in which the postinstall script does not properly validate the path of the file “nsinstallation”. A standard user could potentially create a symlink of the file “nsinstallation” to escalate the privileges of a different file on the system.
This issue affects Netskope Client: before 123.0, before 117.1.11.2310, before 120.1.10.2306.
Vendor
-
Product
-
CWE
CWE-610
Yayın Tarihi
2025-04-15 16:15:21
Güncelleme
2025-04-15 18:39:27
Source Identifier
psirt@netskope.com
KEV Date Added
-

Kategoriler

CWE-610 MEDIUM 2025

Referanslar

https://support.netskope.com/s/article/Netskope-Security-Advisory-Netskope-Client-installer-with-symbolic-link-following-vulnerability-leading-to-privilege-escalation