CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-11632
https://notcve.org/view.php?id=CVE-2020-11632
15 Jul 2021 — The Zscaler Client Connector prior to 2.1.2.150 did not quote the search path for services, which allows a local adversary to execute code with system privileges. El Zscaler Client Connector anterior a versión 2.1.2.150, no citaba la ruta de búsqueda de servicios, lo que permite a un adversario local ejecutar código con privilegios del sistema • https://help.zscaler.com/zscaler-client-connector/client-connector-app-release-summary-2020?applicable_category=Windows&applicable_version=2.1.2.105 • CWE-428: Unquoted Search Path or Element •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2020-11633
https://notcve.org/view.php?id=CVE-2020-11633
15 Jul 2021 — The Zscaler Client Connector for Windows prior to 2.1.2.74 had a stack based buffer overflow when connecting to misconfigured TLS servers. An adversary would potentially have been able to execute arbitrary code with system privileges. El Zscaler Client Connector para Windows anterior a versión 2.1.2.74, presentaba un desbordamiento de búfer en la región stack de la memoria cuando se conectaba a servidores TLS mal configurados. Un adversario podría potencialmente haber podido ejecutar código arbitrario con p... • https://help.zscaler.com/zscaler-client-connector/client-connector-app-release-summary-2020?applicable_category=Windows&applicable_version=2.1.2.81 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-11635
https://notcve.org/view.php?id=CVE-2020-11635
16 Feb 2021 — The Zscaler Client Connector prior to 3.1.0 did not sufficiently validate RPC clients, which allows a local adversary to execute code with system privileges or perform limited actions for which they did not have privileges. Zscaler Client Connector versiones anteriores a 3.1.0, no comprobaba suficientemente los clientes RPC, lo que permite a un adversario local ejecutar código con privilegios system o llevar a cabo acciones limitadas para las que no tenía privilegios • https://trust.zscaler.com/posts/7316 •