CVE-2023-28794 – PAC Files Exposed to Internet Websites
https://notcve.org/view.php?id=CVE-2023-28794
Origin Validation Error vulnerability in Zscaler Client Connector on Linux allows Privilege Abuse. This issue affects Zscaler Client Connector for Linux: before 1.3.1.6. • https://help.zscaler.com/client-connector/client-connector-app-release-summary-2022?applicable_category=Linux&applicable_version=1.3.1&deployment_date=2022-09-19 • CWE-346: Origin Validation Error
CVE-2023-28805 – ZCC on Linux privilege escalation
https://notcve.org/view.php?id=CVE-2023-28805
An Improper Input Validation vulnerability in Zscaler Client Connector on Linux allows Privilege Escalation. This issue affects Client Connector: before 1.4.0.105. • https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023 • CWE-20: Improper Input Validation • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-28804 – Linux ZCC allows unsigned updates, allowing elevated Code Execution
https://notcve.org/view.php?id=CVE-2023-28804
An Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector on Linux allows replacing binaries. This issue affects Linux Client Connector: before 1.4.0.105. • https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023 • CWE-347: Improper Verification of Cryptographic Signature
CVE-2023-28803 – Traffic being bypassed by ZCC by configuring synthetic IP range as local network
https://notcve.org/view.php?id=CVE-2023-28803
An authentication bypass by spoofing of a device with a synthetic IP address is possible in Zscaler Client Connector on Windows, allowing a functionality bypass. This issue affects Client Connector: before 3.9. • https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023 • CWE-290: Authentication Bypass by Spoofing
CVE-2023-28797 – LPE using arbitrary file delete with Symlinks
https://notcve.org/view.php?id=CVE-2023-28797
Zscaler Client Connector for Windows before 4.1 writes/deletes a configuration file inside specific folders on the disk. A malicious user can replace the folder and execute code as a privileged user. • https://help.zscaler.com/client-connector/client-connector-app-release-summary-2022 • CWE-59: Improper Link Resolution Before File Access ('Link Following')