Unrated severityNVD Advisory· Published Aug 6, 2024· Updated Aug 6, 2024
Incorrect signature validation of package
CVE-2024-23460
Description
The Zscaler Updater process does not validate the digital signature of the installer before execution, allowing arbitrary code to be locally executed. This affects Zscaler Client Connector on MacOS <4.2.
Affected products
2<4.2+ 1 more
- (no CPE)range: <4.2
- (no CPE)range: 0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.