Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

Client Connector — Vulnerabilities & Security Advisories 36

All 36 CVE vulnerabilities found in Client Connector, with AI-generated Chinese analysis, references, and POCs.

This page aggregates security vulnerabilities for the Client Connector product within the Client Connector vendor ecosystem, focusing on common weakness types and associated tags. It compiles a comprehensive collection of security issues, including buffer overflows, injection flaws, and authentication bypasses, covering vulnerability disclosures and advisory releases from 2018 through 2023. By reviewing this curated data, users can efficiently track a vendor's security advisories as they are published, gain a deeper understanding of specific weakness classes and their impact on system integrity, and examine a product's historical vulnerability patterns to assess long-term security posture and remediation trends.

Vendor: Zscaler

CVE IDTitleCVSSSeverityPublished
CVE-2024-31127 MacOS Zscaler Client Connector Local Privilege Escalation CWE-346 7.3 High2025-06-04
CVE-2023-28806 Signature validation error in DLL allows disabling anti-tampering protection CWE-347 5.7 Medium2024-08-06
CVE-2024-23483 Local Privilege Escalation via lack of input validation CWE-20 7.0 High2024-08-06
CVE-2024-23460 Incorrect signature validation of package CWE-347 6.4 Medium2024-08-06
CVE-2024-23464 Zscaler bypass with administrative privileges on Windows CWE-281 7.2 High2024-08-06
CVE-2024-23458 Local Privilege Escalation on Zscaler Client Connector on Windows CWE-346 7.3 High2024-08-06
CVE-2024-23456 Signature validation issue leads to Anti-Tampering bypass CWE-347 7.8 High2024-08-06
CVE-2024-23462 ZCC Mac validinstaller file integrity check missing CWE-354 3.3 Low2024-05-02
CVE-2024-23461 ZCC macOS Upgrade ZIP Bomb DoS CWE-354 4.2 Medium2024-05-02
CVE-2024-23459 Multiple Arbitrary Creates/Overwrites by link following CWE-59 7.1 High2024-05-02
CVE-2023-41971 Windows ZCC Upgrade DoS And Privilege Escalation Through RPC Control CWE-59 5.3 Medium2024-05-02
CVE-2023-41970 Repair App local code execution with arbitrary privileges CWE-354 6.0 Medium2024-05-02
CVE-2023-28798 Out-of-bounds write to heap in pacparser CWE-122 6.5 Medium2024-05-02
CVE-2024-23480 Insecure MacOS code sign check fallback CWE-347 7.5 High2024-05-01
CVE-2024-23457 Anti-tampering can be disabled with uninstall password enforced CWE-269 7.8 High2024-05-01
CVE-2024-23463 Anti-Tampering bypass via Repair App functionality CWE-367 8.8 High2024-04-30
CVE-2024-23482 ZScalerService Local Privilege Escalation CWE-20 7.0 High2024-03-26
CVE-2023-41973 Lack of input santization on Zscaler Client Connector enables arbitrary code execution CWE-22 7.3 High2024-03-26
CVE-2023-41972 Revert password check incorrect type validation CWE-280 7.3 High2024-03-26
CVE-2023-41969 ZSATrayManager Arbitrary File Deletion CWE-61 7.3 High2024-03-26
CVE-2023-28802 Disable Zscaler using machine tunnel restart CWE-354 4.9 Medium2023-11-21
CVE-2023-28794 PAC Files Exposed to Internet Websites CWE-346 4.3 Medium2023-11-06
CVE-2023-28805 ZCC on Linux privilege escalation CWE-78 6.7 Medium2023-10-23
CVE-2023-28804 Linux ZCC allows unsigned updates, allowing elevated Code Execution CWE-347 8.2 High2023-10-23
CVE-2023-28803 Traffic being bypassed by ZCC by configuring synthetic IP range as local network CWE-290 5.9 Medium2023-10-23
CVE-2023-28797 LPE using arbitrary file delete with Symlinks CWE-59 6.3 Medium2023-10-23
CVE-2023-28796 IPC Bypass Through PLT Section in ELF CWE-94 7.1 High2023-10-23
CVE-2023-28795 Client IPC validation bypass CWE-346 7.8 High2023-10-23
CVE-2023-28793 Heap Based Buffer Overflow in Library CWE-94 7.8 High2023-10-23
CVE-2021-26738 Privilege Escalation for ZCC macOS via PATH Variable CWE-426 7.8 High2023-10-23

All 36 known CVE vulnerabilities affecting Client Connector with full Chinese analysis, references, and POCs where available.