Unrated severityNVD Advisory· Published Oct 23, 2023· Updated Feb 27, 2025
Privilege Escalation for ZCC macOS via PATH Variable
CVE-2021-26738
Description
Zscaler Client Connector for macOS prior to 3.7 had an unquoted search path vulnerability via the PATH variable. A local adversary may be able to execute code with root privileges.
Affected products
2<3.7+ 1 more
- (no CPE)range: <3.7
- (no CPE)range: 0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.