VYPR
Unrated severityNVD Advisory· Published Aug 6, 2024· Updated Aug 6, 2024

Incorrect signature validation of package

CVE-2024-23460

Description

The Zscaler Updater process does not validate the digital signature of the installer before execution, allowing arbitrary code to be locally executed. This affects Zscaler Client Connector on MacOS <4.2.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.