CVE-2021-26736

Name of the Vulnerable Software and Affected Versions Zscaler Client Connector Installer and Uninstaller for Windows versions prior to 3.6

Description Multiple vulnerabilities in the Zscaler Client Connector Installer and Uninstaller for Windows allowed execution of binaries from a low privileged path. A local adversary may be able to execute code with SYSTEM privileges.

Recommendations For versions prior to 3.6, update to version 3.6 or later to resolve the issue. As a temporary workaround, consider restricting access to low privileged paths to minimize the risk of exploitation.