Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

Client Connector — Vulnerabilities & Security Advisories 36

All 36 CVE vulnerabilities found in Client Connector, with AI-generated Chinese analysis, references, and POCs.

This page provides vulnerability aggregation data for the Client Connector product, focusing on common weakness enumerations and associated security tags. It collects information regarding known security flaws, ranging from remote code execution and privilege escalation to injection vulnerabilities and configuration errors, covering advisory periods from recent historical releases up to current updates. By accessing this resource, you can track specific vendor advisories to understand the context and severity of reported issues, gain a deeper comprehension of specific weakness classes and their potential impact on system integrity, and review the complete vulnerability history of the Client Connector to assess past risks and remediation efforts effectively. This consolidated view aids security professionals and system administrators in prioritizing patches, evaluating exposure, and maintaining robust defense postures against evolving threats targeting this software component without needing to consult multiple disparate sources. The data presented is derived from verified public advisories and internal tracking mechanisms to ensure accuracy and completeness.

Vendor: Zscaler

CVE IDTitleCVSSSeverityPublished
CVE-2024-31127 MacOS Zscaler Client Connector Local Privilege Escalation CWE-346 7.3 High2025-06-04
CVE-2023-28806 Signature validation error in DLL allows disabling anti-tampering protection CWE-347 5.7 Medium2024-08-06
CVE-2024-23483 Local Privilege Escalation via lack of input validation CWE-20 7.0 High2024-08-06
CVE-2024-23460 Incorrect signature validation of package CWE-347 6.4 Medium2024-08-06
CVE-2024-23464 Zscaler bypass with administrative privileges on Windows CWE-281 7.2 High2024-08-06
CVE-2024-23458 Local Privilege Escalation on Zscaler Client Connector on Windows CWE-346 7.3 High2024-08-06
CVE-2024-23456 Signature validation issue leads to Anti-Tampering bypass CWE-347 7.8 High2024-08-06
CVE-2024-23462 ZCC Mac validinstaller file integrity check missing CWE-354 3.3 Low2024-05-02
CVE-2024-23461 ZCC macOS Upgrade ZIP Bomb DoS CWE-354 4.2 Medium2024-05-02
CVE-2024-23459 Multiple Arbitrary Creates/Overwrites by link following CWE-59 7.1 High2024-05-02
CVE-2023-41971 Windows ZCC Upgrade DoS And Privilege Escalation Through RPC Control CWE-59 5.3 Medium2024-05-02
CVE-2023-41970 Repair App local code execution with arbitrary privileges CWE-354 6.0 Medium2024-05-02
CVE-2023-28798 Out-of-bounds write to heap in pacparser CWE-122 6.5 Medium2024-05-02
CVE-2024-23480 Insecure MacOS code sign check fallback CWE-347 7.5 High2024-05-01
CVE-2024-23457 Anti-tampering can be disabled with uninstall password enforced CWE-269 7.8 High2024-05-01
CVE-2024-23463 Anti-Tampering bypass via Repair App functionality CWE-367 8.8 High2024-04-30
CVE-2024-23482 ZScalerService Local Privilege Escalation CWE-20 7.0 High2024-03-26
CVE-2023-41973 Lack of input santization on Zscaler Client Connector enables arbitrary code execution CWE-22 7.3 High2024-03-26
CVE-2023-41972 Revert password check incorrect type validation CWE-280 7.3 High2024-03-26
CVE-2023-41969 ZSATrayManager Arbitrary File Deletion CWE-61 7.3 High2024-03-26
CVE-2023-28802 Disable Zscaler using machine tunnel restart CWE-354 4.9 Medium2023-11-21
CVE-2023-28794 PAC Files Exposed to Internet Websites CWE-346 4.3 Medium2023-11-06
CVE-2023-28805 ZCC on Linux privilege escalation CWE-78 6.7 Medium2023-10-23
CVE-2023-28804 Linux ZCC allows unsigned updates, allowing elevated Code Execution CWE-347 8.2 High2023-10-23
CVE-2023-28803 Traffic being bypassed by ZCC by configuring synthetic IP range as local network CWE-290 5.9 Medium2023-10-23
CVE-2023-28797 LPE using arbitrary file delete with Symlinks CWE-59 6.3 Medium2023-10-23
CVE-2023-28796 IPC Bypass Through PLT Section in ELF CWE-94 7.1 High2023-10-23
CVE-2023-28795 Client IPC validation bypass CWE-346 7.8 High2023-10-23
CVE-2023-28793 Heap Based Buffer Overflow in Library CWE-94 7.8 High2023-10-23
CVE-2021-26738 Privilege Escalation for ZCC macOS via PATH Variable CWE-426 7.8 High2023-10-23

All 36 known CVE vulnerabilities affecting Client Connector with full Chinese analysis, references, and POCs where available.