Client Connector
by Zscaler
CVEs (43)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-11633 | 0.00 | — | 0.02 | Jul 15, 2021 | The Zscaler Client Connector for Windows prior to 2.1.2.74 had a stack based buffer overflow when connecting to misconfigured TLS servers. An adversary would potentially have been able to execute arbitrary code with system privileges. | |||
| CVE-2021-25265 | 0.00 | — | 0.02 | Mar 22, 2021 | A malicious website could execute code remotely in Sophos Connect Client before version 2.1. | |||
| CVE-2020-11635 | 0.00 | — | 0.00 | Feb 16, 2021 | The Zscaler Client Connector prior to 3.1.0 did not sufficiently validate RPC clients, which allows a local adversary to execute code with system privileges or perform limited actions for which they did not have privileges. |
- CVE-2020-11633Jul 15, 2021risk 0.00cvss —epss 0.02
The Zscaler Client Connector for Windows prior to 2.1.2.74 had a stack based buffer overflow when connecting to misconfigured TLS servers. An adversary would potentially have been able to execute arbitrary code with system privileges.
- CVE-2021-25265Mar 22, 2021risk 0.00cvss —epss 0.02
A malicious website could execute code remotely in Sophos Connect Client before version 2.1.
- CVE-2020-11635Feb 16, 2021risk 0.00cvss —epss 0.00
The Zscaler Client Connector prior to 3.1.0 did not sufficiently validate RPC clients, which allows a local adversary to execute code with system privileges or perform limited actions for which they did not have privileges.
Page 3 of 3