Vulnerabilities > Zscaler > Client Connector > 4.2.0.173
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-06 | CVE-2023-28806 | Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector An Improper Validation of signature in Zscaler Client Connector on Windows allows an authenticated user to disable anti-tampering. | 6.5 |
| 2024-08-06 | CVE-2024-23456 | Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector Anti-tampering can be disabled under certain conditions without signature validation. | 7.5 |
| 2024-08-06 | CVE-2024-23458 | Origin Validation Error vulnerability in Zscaler Client Connector While copying individual autoupdater log files, reparse point check was missing which could result into crafted attacks, potentially leading to a local privilege escalation. | 7.8 |
| 2024-08-06 | CVE-2024-23464 | Unspecified vulnerability in Zscaler Client Connector In certain cases, Zscaler Internet Access (ZIA) can be disabled by PowerShell commands with admin rights. | 4.9 |