Zscaler Client Connector vulnerabilities

CVE-2020-11634 [HIGH] CWE-427 CVE-2020-11634: The Zscaler Client Connector for Windows prior to 2.1.2.105 had a DLL hijacking vulnerability caused The Zscaler Client Connector for Windows prior to 2.1.2.105 had a DLL hijacking vulnerability caused due to the configuration of OpenSSL. A local adversary may be able to execute arbitrary code in the SYSTEM context.

CVE-2020-11635 [HIGH] CVE-2020-11635: The Zscaler Client Connector prior to 3.1.0 did not sufficiently validate RPC clients, which allows The Zscaler Client Connector prior to 3.1.0 did not sufficiently validate RPC clients, which allows a local adversary to execute code with system privileges or perform limited actions for which they did not have privileges.