VYPR
Unrated severityNVD Advisory· Published Oct 23, 2023· Updated Feb 27, 2025

Privilege Escalation for ZCC macOS via PATH Variable

CVE-2021-26738

Description

Zscaler Client Connector for macOS prior to 3.7 had an unquoted search path vulnerability via the PATH variable. A local adversary may be able to execute code with root privileges.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.