Vulnerabilities > Zscaler > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-08-06 CVE-2024-23483 OS Command Injection vulnerability in Zscaler Client Connector
An Improper Input Validation vulnerability in Zscaler Client Connector on MacOS allows OS Command Injection. This issue affects Zscaler Client Connector on MacOS <4.2.
network
low complexity
zscaler CWE-78
critical
 9.8
9.8
2023-10-23 CVE-2023-28805 Unspecified vulnerability in Zscaler Client Connector
An Improper Input Validation vulnerability in Zscaler Client Connector on Linux allows Privilege Escalation.
network
low complexity
zscaler
critical
 9.8
9.8
2023-08-31 CVE-2023-28801 Improper Verification of Cryptographic Signature vulnerability in Zscaler Internet Access Admin Portal
An Improper Verification of Cryptographic Signature in the SAML authentication of the Zscaler Admin UI allows a Privilege Escalation.This issue affects Admin UI: from 6.2 before 6.2r.
network
low complexity
zscaler CWE-347
critical
 9.8
9.8
2021-07-15 CVE-2020-11633 Out-of-bounds Write vulnerability in Zscaler Client Connector
The Zscaler Client Connector for Windows prior to 2.1.2.74 had a stack based buffer overflow when connecting to misconfigured TLS servers.
network
low complexity
zscaler CWE-787
critical
 10.0
10