📦 Client Connector

by Zscaler

🛡️ Security Overview

⚠️ Known Vulnerabilities

CVE-2020-11633

CRITICAL CVSS 9.8 Jul 15, 2021

A stack-based buffer overflow vulnerability in Zscaler Client Connector for Windows allows remote code execution with SYSTEM privileges when connecting to misconfigured TLS servers. This affects Windo...

CVE-2024-23456

HIGH CVSS 7.8 Aug 6, 2024

This vulnerability allows attackers to disable anti-tampering protection in Zscaler Client Connector without proper signature validation. This affects Windows users running Zscaler Client Connector ve...

CVE-2024-23464

HIGH CVSS 7.2 Aug 6, 2024

This vulnerability allows administrators with PowerShell access to disable Zscaler Internet Access (ZIA) protection on Windows systems. It affects organizations using Zscaler Client Connector on Windo...

CVE-2024-23459

HIGH CVSS 7.1 May 2, 2024

This vulnerability allows an attacker to exploit improper link resolution in Zscaler Client Connector on macOS, enabling them to overwrite system files. This affects all macOS users running Zscaler Cl...

CVE-2024-23457

HIGH CVSS 7.8 May 1, 2024

This vulnerability allows attackers to disable the anti-tampering protection in Zscaler Client Connector when an uninstall password is configured. This affects Windows systems running Zscaler Client C...

CVE-2024-23463

HIGH CVSS 8.8 Apr 30, 2024

This vulnerability allows attackers to bypass anti-tampering protection in Zscaler Client Connector when the Repair App functionality is used. It affects Windows users running Zscaler Client Connector...

CVE-2024-23482

HIGH CVSS 7.0 Mar 26, 2024

This CVE describes a local privilege escalation vulnerability in Zscaler's ZScalerService process on macOS. An attacker with local access can exploit this to gain elevated privileges on the system. On...

CVE-2023-41969

HIGH CVSS 7.3 Mar 26, 2024

This vulnerability in ZSATrayManager allows unprivileged users to delete arbitrary files by exploiting inadequate protection of temporary encrypted ZApp issue reporting files. It affects Zscaler Clien...

CVE-2023-41973

HIGH CVSS 7.3 Mar 26, 2024

This vulnerability in Zscaler Client Connector (ZSATray) allows path traversal attacks by improperly validating the 'previousInstallerName' parameter. Attackers could execute arbitrary code by manipul...

CVE-2021-26738

HIGH CVSS 7.8 Oct 23, 2023

This vulnerability in Zscaler Client Connector for macOS allows local attackers to execute arbitrary code with root privileges by exploiting an unquoted search path in the PATH variable. It affects ma...

CVE-2023-28795

HIGH CVSS 7.8 Oct 23, 2023

This CVE describes an origin validation error in Zscaler Client Connector for Linux that allows attackers to inject code into existing processes. The vulnerability affects Linux systems running Zscale...

CVE-2023-28804

HIGH CVSS 8.2 Oct 23, 2023

This vulnerability allows attackers to replace binaries in Zscaler Client Connector on Linux due to improper cryptographic signature verification. It affects Linux users running Zscaler Client Connect...

CVE-2023-28799

HIGH CVSS 8.2 Jun 22, 2023

This vulnerability allows an attacker to inject a malicious domain into a URL parameter during login, causing post-authentication redirection to the attacker's domain with the user's authorization tok...

CVE-2020-11632

HIGH CVSS 7.8 Jul 15, 2021

This vulnerability in Zscaler Client Connector allows a local attacker to execute arbitrary code with SYSTEM privileges by exploiting an unquoted service path. It affects Windows systems running Zscal...

CVE-2024-23460

MEDIUM CVSS 6.4 Aug 6, 2024

This vulnerability allows local attackers to execute arbitrary code on macOS systems by exploiting the Zscaler Updater's failure to validate digital signatures before executing installers. It affects ...

CVE-2023-41971

MEDIUM CVSS 5.3 May 2, 2024

This vulnerability in Zscaler Client Connector on Windows allows attackers to overwrite system files through improper link resolution. It affects all Windows systems running Zscaler Client Connector v...

CVE-2023-28798

MEDIUM CVSS 6.5 May 2, 2024

This vulnerability allows an attacker to write data beyond allocated heap memory boundaries in the pacparser library used by Zscaler Client Connector on macOS. Successful exploitation could lead to ar...

CVE-2024-23462

LOW CVSS 3.3 May 2, 2024

An improper validation vulnerability in Zscaler Client Connector on macOS allows attackers to cause denial of service by crashing the client binary, which removes VPN and security functionality. This ...