What is the CVSS score of CVE-2025-15584?

CVE-2025-15584 has a CVSS 4.0 base score of 6.8 (Medium). CVSS vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N. EPSS exploitation probability: 0.0%.

Which versions of Windows are affected by CVE-2025-15584?

Organizations using Netskope was notified about a potential gap in its Endpoint DLP should be aware of notable risk from CVE-2025-15584, a integer overflow vulnerability rated CVSS 6.8.. A patch is available.

How to fix or mitigate CVE-2025-15584?

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.

Windows CVE-2025-15584

EUVD-2025-208808 MEDIUM

Integer Overflow or Wraparound (CWE-190)

2026-03-17 Netskope

Windows Buffer Overflow Microsoft Endpoint Dlp Module For Netskope Client

6.8

CVSS 4.0

CVSS VectorNVD

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Lifecycle Timeline

Patch available

Apr 16, 2026 - 05:29 EUVD

135.0.0

EUVD ID Assigned

Mar 17, 2026 - 20:30 euvd

EUVD-2025-208808

Analysis Generated

Mar 17, 2026 - 20:30 vuln.today

CVE Published

Mar 17, 2026 - 18:55 nvd

MEDIUM 6.8

DescriptionNVD

Netskope was notified about a potential gap in its Endpoint DLP Module for Netskope Client on Windows systems. The successful exploitation of the gap can potentially allow an unprivileged user to trigger an integer overflow within the filter communication port, leading to a Blue-Screen-of-Death (BSOD). Successful exploitation would require the Endpoint DLP module to be enabled in the client configuration. A successful exploit can potentially result in a denial-of-service for the local machine.

AnalysisAI

Netskope was notified about a potential gap in its Endpoint DLP Module for Netskope Client on Windows systems.

Technical ContextAI

An integer overflow occurs when an arithmetic operation produces a value that exceeds the maximum (or minimum) size of the integer type used to store it. This vulnerability is classified as Integer Overflow or Wraparound (CWE-190).

RemediationAI

Use safe integer arithmetic libraries. Check for overflow conditions before operations. Use appropriately sized integer types.

More from same product – last 7 days

CVE-2026-40412 CRITICAL Monitor

10.0 May 22

Remote code execution in Microsoft Azure Orbital Spatio allows unauthenticated network attackers to upload dangerous fil

CVE-2026-41104 CRITICAL Monitor

10.0 May 22

Unsafe deserialization in Microsoft Planetary Computer Pro (Geocatalog) lets a remote unauthenticated attacker craft mal

CVE-2026-23652 CRITICAL Monitor

10.0 May 22

Remote code execution in Microsoft Power Pages allows unauthenticated network attackers to inject and execute operating-

CVE-2026-47280 CRITICAL Monitor

10.0 May 22

Privilege elevation in Microsoft Azure Resource Manager (ARM) allows remote unauthenticated attackers to bypass authenti

CVE-2026-42901 CRITICAL Monitor

10.0 May 22

Privilege escalation in Microsoft Entra ID enables remote unauthenticated attackers to bypass origin validation and gain

CVE-2025-15584 vulnerability details – vuln.today

Back

Windows CVE-2025-15584

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

More from same product – last 7 days

Share

External POC / Exploit Code