Client Connector Security Vulnerabilities and Issues — Client Connector CVE List

Lucene search

ZscalerClient Connector

4 matches found

CVE•added 2021/07/15 8:15 p.m.•47 views

CVE-2020-11634

The Zscaler Client Connector for Windows prior to 2.1.2.105 had a DLL hijacking vulnerability caused due to the configuration of OpenSSL. A local adversary may be able to execute arbitrary code in the SYSTEM context.

7.8CVSS7.7AI score0.00064EPSS

CVE•added 2021/07/15 8:15 p.m.•42 views

CVE-2020-11632

The Zscaler Client Connector prior to 2.1.2.150 did not quote the search path for services, which allows a local adversary to execute code with system privileges.

7.8CVSS7.7AI score0.00072EPSS

CVE•added 2021/02/16 8:15 p.m.•38 views

CVE-2020-11635

The Zscaler Client Connector prior to 3.1.0 did not sufficiently validate RPC clients, which allows a local adversary to execute code with system privileges or perform limited actions for which they did not have privileges.

7.8CVSS7.7AI score0.00116EPSS

CVE•added 2021/07/15 6:15 p.m.•33 views

CVE-2020-11633

The Zscaler Client Connector for Windows prior to 2.1.2.74 had a stack based buffer overflow when connecting to misconfigured TLS servers. An adversary would potentially have been able to execute arbitrary code with system privileges.

10CVSS9.9AI score0.01073EPSS