CVE-2021-26736 – ZApp Installer Privilege Escalation Vulnerabilities
https://notcve.org/view.php?id=CVE-2021-26736
Multiple vulnerabilities in the Zscaler Client Connector Installer and Uninstaller for Windows prior to 3.6 allowed execution of binaries from a low privileged path. A local adversary may be able to execute code with SYSTEM privileges. Múltiples vulnerabilidades en Zscaler Client Connector Installer and Uninstaller para Windows anteriores a 3.6 permitían la ejecución de archivos binarios desde una ruta con pocos privilegios. Un adversario local puede ejecutar código con privilegios de SYSTEM. • https://help.zscaler.com/zscaler-client-connector/client-connector-app-release-summary-2021 • CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2021-26735 – Untrusted Search Path While Executing REG DELETE by Uninstaller
https://notcve.org/view.php?id=CVE-2021-26735
The Zscaler Client Connector Installer and Unsintallers for Windows prior to 3.6 had an unquoted search path vulnerability. A local adversary may be able to execute code with SYSTEM privileges. Zscaler Client Connector Installer and Unsintallers para Windows anteriores a 3.6 tenían una vulnerabilidad de ruta de búsqueda sin comillas. Un adversario local puede ejecutar código con privilegios de SYSTEM. • https://help.zscaler.com/zscaler-client-connector/client-connector-app-release-summary-2021 • CWE-346: Origin Validation Error CWE-428: Unquoted Search Path or Element •
CVE-2021-26734 – Junction Delete leading to elevation of privilege
https://notcve.org/view.php?id=CVE-2021-26734
Zscaler Client Connector Installer on Windows before version 3.4.0.124 improperly handled directory junctions during uninstallation. A local adversary may be able to delete folders in an elevated context. El instalador de Zscaler Client Connector en Windows anterior a la versión 3.4.0.124 manejaba incorrectamente las uniones de directorios durante la desinstalación. Un adversario local puede eliminar carpetas en un contexto elevado. • https://help.zscaler.com/zscaler-client-connector/client-connector-app-release-summary-2021 • CWE-269: Improper Privilege Management •
CVE-2023-28800 – Output encoding missing in redrurl parameter
https://notcve.org/view.php?id=CVE-2023-28800
When using local accounts for administration, the redirect url parameter was not encoded correctly, allowing for an XSS attack providing admin login. • https://help.zscaler.com/client-connector/client-connector-app-release-summary-2022?applicable_category=Linux&applicable_version=1.4&deployment_date=2022-10-31&id=1420246 https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023?applicable_category=Android&applicable_version=1.10.2&deployment_date=2023-03-09&id=1447706 https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023?applicable_category=Chrome%20OS&applicable_version=1.10.1&deployment_date=2023-03-10&id=1447771 https: • CWE-20: Improper Input Validation CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2023-28799
https://notcve.org/view.php?id=CVE-2023-28799
A URL parameter during login flow was vulnerable to injection. An attacker could insert a malicious domain in this parameter, which would redirect the user after auth and send the authorization token to the redirected domain. • https://help.zscaler.com/client-connector/client-connector-app-release-summary-2022?applicable_category=Linux&applicable_version=1.4&deployment_date=2022-10-31&id=1420246 https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023?applicable_category=Android&applicable_version=1.10.2&deployment_date=2023-03-09&id=1447706 https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023?applicable_category=Chrome%20OS&applicable_version=1.10.1&deployment_date=2023-03-10&id=1447771 https: • CWE-20: Improper Input Validation CWE-601: URL Redirection to Untrusted Site ('Open Redirect') CWE-1287: Improper Validation of Specified Type of Input •