Zscaler Client Connector

41 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-22569
>= 4.7 and < 4.7.0.141
An incorrect startup configuration of affected versions of Zscaler Client Connector on Windows may cause a limited amount of traff
5.4 MEDIUM
CVE-2024-23483
< 4.2
An Improper Input Validation vulnerability in Zscaler Client Connector on MacOS allows OS Command Injection. This issue affects Z
7.0 HIGH
CVE-2024-23464
< 4.2.1
In certain cases, Zscaler Internet Access (ZIA) can be disabled by PowerShell commands with admin rights. This affects Zscaler Cli
7.2 HIGH
CVE-2024-23460
< 4.2
The Zscaler Updater process does not validate the digital signature of the installer before execution, allowing arbitrary code to
6.4 MEDIUM
CVE-2024-23458
< 4.2.0.190
While copying individual autoupdater log files, reparse point check was missing which could result into crafted attacks, potential
7.3 HIGH
CVE-2024-23456
< 4.2.0.190
Anti-tampering can be disabled under certain conditions without signature validation. This affects Zscaler Client Connector <4.2.0
7.8 HIGH
CVE-2023-28806
< 4.2.0.190
An Improper Validation of signature in Zscaler Client Connector on Windows allows an authenticated user to disable anti-tampering.
5.7 MEDIUM
CVE-2024-3661
< 1.5.1.25
DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that r
7.6 HIGH
CVE-2024-23462
< 3.4
An Improper Validation of Integrity Check Value vulnerability in Zscaler Client Connector on MacOS allows a denial of service of t
3.3 LOW
CVE-2024-23461
< 3.4
An Improper Validation of Integrity Check Value vulnerability in Zscaler Client Connector on MacOS during the upgrade process may
4.2 MEDIUM
CVE-2024-23459
< 3.7
An Improper Link Resolution Before File Access ('Link Following') vulnerability in Zscaler Client Connector on Mac allows a system
7.1 HIGH
CVE-2023-41971
< 3.7
An Improper Link Resolution Before File Access ('Link Following') vulnerability in Zscaler Client Connector on Windows allows a sy
5.3 MEDIUM
CVE-2023-41970
< 4.1.0.62
An Improper Validation of Integrity Check Value vulnerability in Zscaler Client Connector on Windows during the Repair App functio
6.0 MEDIUM
CVE-2023-28798
< 3.7
An out-of-bounds write to heap in the pacparser library on Zscaler Client Connector on Mac may lead to arbitrary code execution.
6.5 MEDIUM
CVE-2024-23480
< 4.2
A fallback mechanism in code sign checking on macOS may allow arbitrary code execution. This issue affects Zscaler Client Connecto
7.5 HIGH
CVE-2024-23457
< 4.2.0.209
The anti-tampering functionality of the Zscaler Client Connector can be disabled under certain conditions when an uninstall passwo
7.8 HIGH
CVE-2024-23463
< 4.2.1
Anti-tampering protection of the Zscaler Client Connector can be bypassed under certain conditions when running the Repair App fun
8.8 HIGH
CVE-2024-23482
< 4.2.0.241
The ZScaler service is susceptible to a local privilege escalation vulnerability found in the ZScalerService process. Fixed Versio
7.0 HIGH
CVE-2023-41973
< 4.3.0.121
ZSATray passes the previousInstallerName as a config parameter to TrayManager, and TrayManager constructs the path and appends pre
7.3 HIGH
CVE-2023-41972
< 4.3.0.121
In some rare cases, there is a password type validation missing in Revert Password check and for some features it could be disable
7.3 HIGH
CVE-2023-41969
< 4.3
An arbitrary file deletion in ZSATrayManager where it protects the temporary encrypted ZApp issue reporting file from the unprivil
7.3 HIGH
CVE-2023-28802
< 4.2.0.149
An Improper Validation of Integrity Check Value in Zscaler Client Connector on Windows allows an authenticated user to disable ZIA
4.9 MEDIUM
CVE-2023-28794
< 1.3.1.6
Origin Validation Error vulnerability in Zscaler Client Connector on Linux allows Privilege Abuse. This issue affects Zscaler Clie
4.3 MEDIUM
CVE-2023-28805
< 1.4.0.105
An Improper Input Validation vulnerability in Zscaler Client Connector on Linux allows Privilege Escalation. This issue affects Cl
6.7 MEDIUM
CVE-2023-28804
< 1.4.0.105
An Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector on Linux allows replacing binaries. T
8.2 HIGH
CVE-2023-28803
< 3.9
An authentication bypass by spoofing of a device with a synthetic IP address is possible in Zscaler Client Connector on Windows, a
5.9 MEDIUM
CVE-2023-28797
< 4.1
Zscaler Client Connector for Windows before 4.1 writes/deletes a configuration file inside specific folders on the disk. A malicio
6.3 MEDIUM
CVE-2023-28796
< 1.3.1.6
Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector on Linux allows Code Injection. This is
7.1 HIGH
CVE-2023-28795
< 1.3.1.6
Origin Validation Error vulnerability in Zscaler Client Connector on Linux allows Inclusion of Code in Existing Process. This issu
7.8 HIGH
CVE-2023-28793
< 1.3.1.6
Buffer overflow vulnerability in the signelf library used by Zscaler Client Connector on Linux allows Code Injection. This issue a
7.8 HIGH
CVE-2021-26738
< 3.7
Zscaler Client Connector for macOS prior to 3.7 had an unquoted search path vulnerability via the PATH variable. A local adversary
7.8 HIGH
CVE-2021-26737
< 3.6
The Zscaler Client Connector for macOS prior to 3.6 did not sufficiently validate RPC clients. A local adversary without sufficien
5.5 MEDIUM
CVE-2021-26736
< 3.6
Multiple vulnerabilities in the Zscaler Client Connector Installer and Uninstaller for Windows prior to 3.6 allowed execution of b
6.7 MEDIUM
CVE-2021-26735
< 3.6
The Zscaler Client Connector Installer and Uninstallers for Windows prior to 3.6 had an unquoted search path vulnerability. A loca
6.7 MEDIUM
CVE-2021-26734
< 3.4.0.124
Zscaler Client Connector Installer on Windows before version 3.4.0.124 improperly handled directory junctions during uninstallatio
4.4 MEDIUM
CVE-2023-28800
< 1.10.2
When using local accounts for administration, the redirect url parameter was not encoded correctly, allowing for an XSS attack pro
8.1 HIGH
CVE-2023-28799
< 1.10.2
A URL parameter during login flow was vulnerable to injection. An attacker could insert a malicious domain in this parameter, whic
8.2 HIGH
CVE-2020-11634
< 2.1.2.105
The Zscaler Client Connector for Windows prior to 2.1.2.105 had a DLL hijacking vulnerability caused due to the configuration of O
7.8 HIGH
CVE-2020-11632
< 2.1.2.150
The Zscaler Client Connector prior to 2.1.2.150 did not quote the search path for services, which allows a local adversary to exec
7.8 HIGH
CVE-2020-11633
< 2.1.2.81
The Zscaler Client Connector for Windows prior to 2.1.2.74 had a stack based buffer overflow when connecting to misconfigured TLS
9.8 CRITICAL
CVE-2020-11635
< 3.1.0
The Zscaler Client Connector prior to 3.1.0 did not sufficiently validate RPC clients, which allows a local adversary to execute c
7.8 HIGH
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin