← back
CVE-2020-11634

CVE-2020-11634

EPSS 0.5%
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 0.5%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
15 Jul 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The Zscaler Client Connector for Windows prior to 2.1.2.105 had a DLL hijacking vulnerability caused due to the configuration of OpenSSL. A local adversary may be able to execute arbitrary code in the SYSTEM context.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://help.zscaler.com/zscaler-client-connector/client-connector-app-release-summary-2020?applicable_category=Windows&applicable_version=2.1.2.105