The Zscaler Client Connector for Windows prior to 2.1.2.74 had a stack based buffer overflow when connecting to misconfigured TLS servers. An adversary would potentially have been able to execute arbitrary code with system privileges.
References
Configurations
History
27 Jul 2021, 15:24
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://help.zscaler.com/zscaler-client-connector/client-connector-app-release-summary-2020?applicable_category=Windows&applicable_version=2.1.2.81 - Vendor Advisory | |
CWE | CWE-787 | |
CVSS |
v2 : v3 : |
v2 : 10.0
v3 : 9.8 |
CPE | cpe:2.3:a:zscaler:client_connector:*:*:*:*:*:windows:*:* |
15 Jul 2021, 18:21
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-07-15 18:15
Updated : 2024-02-04 21:47
NVD link : CVE-2020-11633
Mitre link : CVE-2020-11633
CVE.ORG link : CVE-2020-11633
JSON object : View
Products Affected
zscaler
- client_connector
CWE
CWE-787
Out-of-bounds Write