Zscaler Client Connector is comprehensive software that connects users to the Zscaler security cloud. It aims to protect enterprises from cyber threats by enforcing policy-based security, regardless of the network the device is connected to.

Zscaler Client Connector

The Zscaler Client Connector for Windows prior to 2.1.2.74 had a stack based buffer overflow when connecting to misconfigured TLS servers. An adversary would potentially have been able to execute arbitrary code with system privileges.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2024-23483	CRITICAL	9.8	Zscaler Client Connector	cpe:2.3:a:zscaler:client_connector	No	Yes	Aug 06, 2024
CVE-2024-23460	HIGH	7.8	Zscaler Client Connector	cpe:2.3:a:zscaler:client_connector	No	Yes	Aug 06, 2024
CVE-2024-23458	HIGH	7.8	Zscaler Client Connector	cpe:2.3:a:zscaler:client_connector	No	Yes	Aug 06, 2024
CVE-2024-31127	HIGH	7.3	Zscaler Client Connector	cpe:2.3:a:zscaler:client_connector	No	Yes	Jun 04, 2025
CVE-2024-23464	MEDIUM	4.9	Zscaler Client Connector	cpe:2.3:a:zscaler:client_connector	No	Yes	Aug 06, 2024

CVE-2020-11633:
Zscaler Client Connector vulnerability analysis and mitigation

9.8

Related Zscaler Client Connector vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2020-11633: Zscaler Client Connector vulnerability analysis and mitigation