Vulnerabilities > Zscaler > Client Connector > High

DATE CVE VULNERABILITY TITLE RISK
2021-07-15 CVE-2020-11632 Unquoted Search Path or Element vulnerability in Zscaler Client Connector
The Zscaler Client Connector prior to 2.1.2.150 did not quote the search path for services, which allows a local adversary to execute code with system privileges.
local
low complexity
zscaler CWE-428
7.8
2021-07-15 CVE-2020-11634 Uncontrolled Search Path Element vulnerability in Zscaler Client Connector 2.1/2.1.2/2.1.2.81
The Zscaler Client Connector for Windows prior to 2.1.2.105 had a DLL hijacking vulnerability caused due to the configuration of OpenSSL.
local
low complexity
zscaler CWE-427
7.8
2021-02-16 CVE-2020-11635 Unspecified vulnerability in Zscaler Client Connector
The Zscaler Client Connector prior to 3.1.0 did not sufficiently validate RPC clients, which allows a local adversary to execute code with system privileges or perform limited actions for which they did not have privileges.
local
low complexity
zscaler
7.8