CVE-2026-2810: BSOD Risk in Netskope Endpoint DLP Driver
Plattform
windows
Komponente
netskope-client
Behoben in
129.1.8,132.0.23,135.1.0,136.1
CVE-2026-2810 affects the Netskope Client Endpoint DLP Driver for Windows systems. A gap in the Endpoint DLP Module can potentially allow an unprivileged user to trigger an out-of-bounds read within the driver, leading to a Blue-Screen-of-Death (BSOD). Successful exploitation requires the Endpoint DLP module to be enabled in the client configuration. The vulnerability results in a denial-of-service for the local machine.
Auswirkungen und Angriffsszenarien
The primary impact of CVE-2026-2810 is a denial-of-service (DoS) condition resulting in a Blue-Screen-of-Death (BSOD) on the affected Windows system. While the vulnerability does not directly lead to data theft or unauthorized access, the BSOD can disrupt user productivity and potentially cause data loss if unsaved work is present. The successful exploitation requires the Endpoint DLP module to be enabled, limiting the potential attack surface. The blast radius is limited to the local machine where the vulnerable driver is installed.
Ausnutzungskontext
CVE-2026-2810 is not currently listed on KEV or EPSS. The CVSS severity is pending evaluation. No public proof-of-concept (PoC) code has been publicly released. The vulnerability was published on 2026-04-29.
Bedrohungsanalyse
Exploit-Status
EPSS
0.02% (4% Perzentil)
Betroffene Software
Schwachstellen-Klassifikation (CWE)
Zeitleiste
- Veröffentlicht
- EPSS aktualisiert
Mitigation und Workarounds
The primary mitigation for CVE-2026-2810 is to upgrade the Netskope Client Endpoint DLP Driver to version 129.1.8, 132.0.23, 135.1.0, or 136.1. If immediate upgrade is not possible, consider temporarily disabling the Endpoint DLP module within the Netskope client configuration. Monitor system logs for any signs of driver instability or unexpected crashes. After upgrading, confirm the fix by attempting to trigger the out-of-bounds read condition (as described in the Netskope advisory) and verifying that the BSOD is no longer triggered.
So behebenwird übersetzt…
Actualice el Netskope Client a la versión 129.1.8 o posterior, 132.0.23 o posterior, 135.1.0 o posterior, o 136.1 o posterior para mitigar la vulnerabilidad de lectura fuera de límites en el controlador Endpoint DLP. Consulte la documentación de Netskope o su sitio de soporte para obtener instrucciones de actualización específicas.
Häufig gestellte Fragen
Was ist CVE-2026-2810 in Netskope Client Endpoint DLP Driver?
It's a vulnerability in the Netskope Endpoint DLP Driver that can trigger a Blue-Screen-of-Death (BSOD).
Bin ich von CVE-2026-2810 in Netskope Client Endpoint DLP Driver betroffen?
If you're using Netskope Client Endpoint DLP Driver versions 0.0.0–129.1.8, 132.0.23, 135.1.0, or 136.1, you are potentially affected.
Wie behebe ich CVE-2026-2810 in Netskope Client Endpoint DLP Driver?
Upgrade the driver to version 129.1.8, 132.0.23, 135.1.0, or 136.1. Consider disabling the Endpoint DLP module as a temporary workaround.
Wird CVE-2026-2810 aktiv ausgenutzt?
Currently, there's no public evidence of active exploitation.
Wo finde ich den offiziellen Netskope Client Endpoint DLP Driver-Hinweis für CVE-2026-2810?
Refer to the official Netskope security advisory for more details.
Ist dein Projekt betroffen?
Lade deine Abhängigkeitsdatei hoch und erfahre sofort, ob dich diese und andere CVEs treffen.
Jetzt testen — kein Konto
Laden Sie ein Manifest hoch (composer.lock, package-lock.json, WordPress Plugin-Liste…) oder fügen Sie Ihre Komponentenliste ein. Sie erhalten sofort einen Schwachstellenbericht. Das Hochladen einer Datei ist nur der Anfang: Mit einem Konto erhalten Sie kontinuierliche Überwachung, Slack/email-Benachrichtigungen, Multi-Projekt- und White-Label-Berichte.
Abhängigkeitsdatei hier ablegen
composer.lock, package-lock.json, requirements.txt, Gemfile.lock, pubspec.lock, Dockerfile...