Zscaler Security Vulnerabilities (CVEs)
Track 20 security vulnerabilities affecting Zscaler products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This vulnerability allows authenticated administrators in Zscaler Internet Access (ZIA) to execute backend functions through improper input validation...
Feb 23, 2026

This vulnerability allows attackers to disable anti-tampering protection in Zscaler Client Connector without proper signature validation. This affects...
Aug 6, 2024

This vulnerability allows local attackers to execute arbitrary code on macOS systems by exploiting the Zscaler Updater's failure to validate digital s...
Aug 6, 2024

This vulnerability allows administrators with PowerShell access to disable Zscaler Internet Access (ZIA) protection on Windows systems. It affects org...
Aug 6, 2024

This vulnerability allows an attacker to exploit improper link resolution in Zscaler Client Connector on macOS, enabling them to overwrite system file...
May 2, 2024

An improper validation vulnerability in Zscaler Client Connector on macOS allows attackers to cause denial of service by crashing the client binary, w...
May 2, 2024

This vulnerability in Zscaler Client Connector on Windows allows attackers to overwrite system files through improper link resolution. It affects all ...
May 2, 2024

This vulnerability allows an attacker to write data beyond allocated heap memory boundaries in the pacparser library used by Zscaler Client Connector ...
May 2, 2024

This vulnerability allows attackers to disable the anti-tampering protection in Zscaler Client Connector when an uninstall password is configured. Thi...
May 1, 2024

This vulnerability allows attackers to bypass anti-tampering protection in Zscaler Client Connector when the Repair App functionality is used. It affe...
Apr 30, 2024

This CVE describes a local privilege escalation vulnerability in ZScaler's ZScalerService process on macOS. An attacker with local access can exploit ...
Mar 26, 2024

This vulnerability in ZSATrayManager allows unprivileged users to delete arbitrary files by exploiting inadequate protection of temporary encrypted ZA...
Mar 26, 2024

This vulnerability in Zscaler Client Connector (ZSATray) allows path traversal attacks by improperly validating the 'previousInstallerName' parameter....
Mar 26, 2024

This vulnerability in Zscaler Client Connector for macOS allows local attackers to execute arbitrary code with root privileges by exploiting an unquot...
Oct 23, 2023

This CVE describes an origin validation error in Zscaler Client Connector for Linux that allows attackers to inject code into existing processes. The ...
Oct 23, 2023

This vulnerability allows attackers to replace binaries in Zscaler Client Connector on Linux due to improper cryptographic signature verification. It ...
Oct 23, 2023

CVE-2023-28801 is an improper cryptographic signature verification vulnerability in Zscaler's SAML authentication for the Admin UI. This allows attack...
Aug 31, 2023

This vulnerability allows an attacker to inject a malicious domain into a URL parameter during login, causing post-authentication redirection to the a...
Jun 22, 2023

This vulnerability in Zscaler Client Connector allows a local attacker to execute arbitrary code with SYSTEM privileges by exploiting an unquoted serv...
Jul 15, 2021

A stack-based buffer overflow vulnerability in Zscaler Client Connector for Windows allows remote code execution with SYSTEM privileges when connectin...
Jul 15, 2021

Why Monitor Zscaler Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 20+ known vulnerabilities affecting Zscaler products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Zscaler packages in under 60 seconds. No agents required - completely agentless scanning that works across Zscaler deployments.
Free vulnerability database: Access detailed information about every Zscaler CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Zscaler CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions