Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Local Privilege Escalation on Zscaler Client Connector on Windows
Vulnerability Description
While copying individual autoupdater log files, reparse point check was missing which could result into crafted attacks, potentially leading to a local privilege escalation. This issue affects Zscaler Client Connector on Windows <4.2.0.190.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
Vulnerability Type
源验证错误
Vulnerability Title
Zscaler Client Connector 安全漏洞
Vulnerability Description
Zscaler Client Connector是Zscaler公司的一个轻量级代理。 Zscaler Client Connector 4.2.0.190之前版本存在安全漏洞,该漏洞源于缺少重新解析点检查,可能导致精心策划的攻击,从而导致本地特权升级。
CVSS Information
N/A
Vulnerability Type
N/A