7.8
CVE-2024-23482
- EPSS 0.28%
- Veröffentlicht 26.03.2024 15:15:49
- Zuletzt bearbeitet 10.10.2025 14:43:24
- Quelle cve@zscaler.com
- CVE-Watchlists
- Unerledigt
ZScalerService Local Privilege Escalation
The ZScaler service is susceptible to a local privilege escalation vulnerability found in the ZScalerService process. Fixed Version: Mac ZApp 4.2.0.241 and later.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Zscaler ≫ Client Connector SwPlatformmacos Version < 4.2.0.241
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.28% | 0.19 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| cve@zscaler.com | 7 | 1 | 5.9 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
https://help.zscaler.com/client-connector/client-connector-app-release-summary-2024