CVE-2024-31127Origin Validation Error in Client Connector

CWE-346Origin Validation Error3 documents3 sources
Severity
7.3HIGHNVD
EPSS
0.0%
top 91.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Zscaler Client Connector
Timeline
PublishedJun 4

Description

An improper verification of a loaded library in Zscaler Client Connector on Mac < 4.2.0.241 may allow a local attacker to elevate their privileges.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:LExploitability: 1.8 | Impact: 5.5

Affected Packages1 packages

CVEListV5zscaler/client_connector< 4.2.0.241

🔴Vulnerability Details

2
GHSA
GHSA-q8hr-7r9h-q9hm: An improper verification of a loaded library in Zscaler Client Connector on Mac < 42025-06-04
CVEList
MacOS Zscaler Client Connector Local Privilege Escalation2025-06-04
CVE-2024-31127 — Origin Validation Error | cvebase