PT-2021-9424 · Zscaler · Zscaler Client Connector

Published

2021-02-16

Updated

2021-07-21

CVE-2020-11635

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Zscaler Client Connector versions prior to 3.1.0

Description The issue allows a local adversary to execute code with system privileges or perform limited actions for which they did not have privileges due to insufficient validation of RPC clients.

Recommendations For versions prior to 3.1.0, update to version 3.1.0 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2020-11635

Affected Products

Zscaler Client Connector

PT-2021-9424 · Zscaler · Zscaler Client Connector

CVE-2020-11635

Related Identifiers

Affected Products

References · 4