Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Client Connector — Vulnerabilities & Security Advisories 36

All 36 CVE vulnerabilities found in Client Connector, with AI-generated Chinese analysis, references, and POCs.

Vendor: Zscaler

CVE IDTitleCVSSSeverityPublished
CVE-2024-31127 MacOS Zscaler Client Connector Local Privilege Escalation CWE-346 7.3 High2025-06-04
CVE-2023-28806 Signature validation error in DLL allows disabling anti-tampering protection CWE-347 5.7 Medium2024-08-06
CVE-2024-23483 Local Privilege Escalation via lack of input validation CWE-20 7.0 High2024-08-06
CVE-2024-23460 Incorrect signature validation of package CWE-347 6.4 Medium2024-08-06
CVE-2024-23464 Zscaler bypass with administrative privileges on Windows CWE-281 7.2 High2024-08-06
CVE-2024-23458 Local Privilege Escalation on Zscaler Client Connector on Windows CWE-346 7.3 High2024-08-06
CVE-2024-23456 Signature validation issue leads to Anti-Tampering bypass CWE-347 7.8 High2024-08-06
CVE-2024-23462 ZCC Mac validinstaller file integrity check missing CWE-354 3.3 Low2024-05-02
CVE-2024-23461 ZCC macOS Upgrade ZIP Bomb DoS CWE-354 4.2 Medium2024-05-02
CVE-2024-23459 Multiple Arbitrary Creates/Overwrites by link following CWE-59 7.1 High2024-05-02
CVE-2023-41971 Windows ZCC Upgrade DoS And Privilege Escalation Through RPC Control CWE-59 5.3 Medium2024-05-02
CVE-2023-41970 Repair App local code execution with arbitrary privileges CWE-354 6.0 Medium2024-05-02
CVE-2023-28798 Out-of-bounds write to heap in pacparser CWE-122 6.5 Medium2024-05-02
CVE-2024-23480 Insecure MacOS code sign check fallback CWE-347 7.5 High2024-05-01
CVE-2024-23457 Anti-tampering can be disabled with uninstall password enforced CWE-269 7.8 High2024-05-01
CVE-2024-23463 Anti-Tampering bypass via Repair App functionality CWE-367 8.8 High2024-04-30
CVE-2024-23482 ZScalerService Local Privilege Escalation CWE-20 7.0 High2024-03-26
CVE-2023-41973 Lack of input santization on Zscaler Client Connector enables arbitrary code execution CWE-22 7.3 High2024-03-26
CVE-2023-41972 Revert password check incorrect type validation CWE-280 7.3 High2024-03-26
CVE-2023-41969 ZSATrayManager Arbitrary File Deletion CWE-61 7.3 High2024-03-26
CVE-2023-28802 Disable Zscaler using machine tunnel restart CWE-354 4.9 Medium2023-11-21
CVE-2023-28794 PAC Files Exposed to Internet Websites CWE-346 4.3 Medium2023-11-06
CVE-2023-28805 ZCC on Linux privilege escalation CWE-78 6.7 Medium2023-10-23
CVE-2023-28804 Linux ZCC allows unsigned updates, allowing elevated Code Execution CWE-347 8.2 High2023-10-23
CVE-2023-28803 Traffic being bypassed by ZCC by configuring synthetic IP range as local network CWE-290 5.9 Medium2023-10-23
CVE-2023-28797 LPE using arbitrary file delete with Symlinks CWE-59 6.3 Medium2023-10-23
CVE-2023-28796 IPC Bypass Through PLT Section in ELF CWE-94 7.1 High2023-10-23
CVE-2023-28795 Client IPC validation bypass CWE-346 7.8 High2023-10-23
CVE-2023-28793 Heap Based Buffer Overflow in Library CWE-94 7.8 High2023-10-23
CVE-2021-26738 Privilege Escalation for ZCC macOS via PATH Variable CWE-426 7.8 High2023-10-23

All 36 known CVE vulnerabilities affecting Client Connector with full Chinese analysis, references, and POCs where available.