| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-23463 | Anti-Tampering bypass via Repair App functionality | Zscaler | Client Connector | High | 8.8 | 2024-04-30 16:17:54 | Deep Dive |
| CVE-2024-23482 | ZScalerService Local Privilege Escalation | Zscaler | Client Connector | High | 7.0 | 2024-03-26 14:23:20 | Deep Dive |
| CVE-2023-41973 | Lack of input santization on Zscaler Client Connector enables arbitrary code execution | Zscaler | Client Connector | High | 7.3 | 2024-03-26 14:19:13 | Deep Dive |
| CVE-2023-41972 | Revert password check incorrect type validation | Zscaler | Client Connector | High | 7.3 | 2024-03-26 14:16:25 | Deep Dive |
| CVE-2023-41969 | ZSATrayManager Arbitrary File Deletion | Zscaler | Client Connector | High | 7.3 | 2024-03-26 14:14:22 | Deep Dive |
| CVE-2023-28807 | Bypass of ZIA domain fronting detection module through evasion technique | Zscaler | ZIA | Medium | 5.1 | 2024-01-31 19:17:00 | Deep Dive |
| CVE-2023-28802 | Disable Zscaler using machine tunnel restart | Zscaler | Client Connector | Medium | 4.9 | 2023-11-21 10:51:51 | Deep Dive |
| CVE-2023-28794 | PAC Files Exposed to Internet Websites | Zscaler | Client Connector | Medium | 4.3 | 2023-11-06 07:19:26 | Deep Dive |
| CVE-2023-28805 | ZCC on Linux privilege escalation | Zscaler | Client Connector | Medium | 6.7 | 2023-10-23 13:33:57 | Deep Dive |
| CVE-2023-28804 | Linux ZCC allows unsigned updates, allowing elevated Code Execution | Zscaler | Client Connector | High | 8.2 | 2023-10-23 13:33:20 | Deep Dive |
| CVE-2023-28803 | Traffic being bypassed by ZCC by configuring synthetic IP range as local network | Zscaler | Client Connector | Medium | 5.9 | 2023-10-23 13:32:18 | Deep Dive |
| CVE-2023-28797 | LPE using arbitrary file delete with Symlinks | Zscaler | Client Connector | Medium | 6.3 | 2023-10-23 13:30:38 | Deep Dive |
| CVE-2023-28796 | IPC Bypass Through PLT Section in ELF | Zscaler | Client Connector | High | 7.1 | 2023-10-23 13:28:16 | Deep Dive |
| CVE-2023-28795 | Client IPC validation bypass | Zscaler | Client Connector | High | 7.8 | 2023-10-23 13:27:24 | Deep Dive |
| CVE-2023-28793 | Heap Based Buffer Overflow in Library | Zscaler | Client Connector | High | 7.8 | 2023-10-23 13:26:08 | Deep Dive |
| CVE-2021-26738 | Privilege Escalation for ZCC macOS via PATH Variable | Zscaler | Client Connector | High | 7.8 | 2023-10-23 13:24:50 | Deep Dive |
| CVE-2021-26737 | Privilege Escalation Using PID Reuse in ZCC macOS | Zscaler | Client Connector | Medium | 5.5 | 2023-10-23 13:22:52 | Deep Dive |
| CVE-2021-26736 | ZApp Installer Privilege Escalation Vulnerabilities | Zscaler | Client Connector | Medium | 6.7 | 2023-10-23 13:21:13 | Deep Dive |
| CVE-2021-26735 | Untrusted Search Path While Executing REG DELETE by Uninstaller | Zscaler | Client Connector | Medium | 6.7 | 2023-10-23 13:19:36 | Deep Dive |
| CVE-2021-26734 | Junction Delete leading to elevation of privilege | Zscaler | Client Connector | Medium | 4.4 | 2023-10-23 13:18:37 | Deep Dive |