Microsoft · Windows · CVE-2023-28802
**Name of the Vulnerable Software and Affected Versions**
Zscaler Client Connector versions prior to 4.2.0.149
**Description**
An issue with improper validation of integrity check values in Zscaler Client Connector on Windows allows an authenticated user to disable ZIA/ZPA by interrupting the service restart from Zscaler Diagnostics.
**Recommendations**
For versions prior to 4.2.0.149, update to version 4.2.0.149 or later to resolve the issue. As a temporary workaround, consider restricting access to Zscaler Diagnostics to prevent interruption of the service restart.