Vulnerabilities > Zscaler > Client Connector > 3.9.0.90
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-06 | CVE-2024-23460 | Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector The Zscaler Updater process does not validate the digital signature of the installer before execution, allowing arbitrary code to be locally executed. | 7.8 |
| 2024-08-06 | CVE-2024-23483 | OS Command Injection vulnerability in Zscaler Client Connector An Improper Input Validation vulnerability in Zscaler Client Connector on MacOS allows OS Command Injection. This issue affects Zscaler Client Connector on MacOS <4.2. | 9.8 |
| 2024-05-06 | CVE-2024-3661 | Missing Authentication for Critical Function vulnerability in multiple products DHCP can add routes to a client’s routing table via the classless static route option (121). | 7.6 |