CVE-2024-23463

CVE Database · CVE-2024-23463

CVE-2024-23463

· HIGHAnalyzed

CVSS v3.1

8.8

EPSS

0.37%

Published

Apr 30, 2024

Modified

Mar 2, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Anti-tampering protection of the Zscaler Client Connector can be bypassed under certain conditions when running the Repair App functionality. This affects Zscaler Client Connector on Windows prior to 4.2.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-367

Affected Products (1)

zscaler · client_connector (up to 4.2.1)vulnerable

References (2)

https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023

Vendor AdvisoryRelease Notes

https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023

Vendor AdvisoryRelease Notes

KEV Catalog EPSS Scores Vendors All CVEs