CVE-2023-41970

Repair App local code execution with arbitrary privileges

CVSS 6 MEDIUMEPSS 0.1%CWE-354

An Improper Validation of Integrity Check Value vulnerability in Zscaler Client Connector on Windows during the Repair App functionality may allow Local Execution of Code.This issue affects Client Connector on Windows: before 4.1.0.62.

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L

Produtos afetados

Zscaler · Client Connector

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://help.zscaler.com/client-connector/client-connector-app-release-summary-2022?applicable_category=windows&applicable_version=4.1