The Zscaler Client Connector for macOS prior to 3.6 did not sufficiently validate RPC clients. A local adversary without sufficient privileges may be able to shutdown the Zscaler tunnel by exploiting a race condition.
CPE | Name | Operator | Version |
---|---|---|---|
client_connector | lt | 3.6 |