vulnerability

Zscaler Client Connector: CVE-2023-28802: Improper Validation of Integrity Check Value

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:S/C:C/I:P/A:N)	Nov 21, 2023	Jun 5, 2025	Jun 6, 2025

Severity

CVSS

(AV:L/AC:L/Au:S/C:C/I:P/A:N)

Published

Nov 21, 2023

Added

Jun 5, 2025

Modified

Jun 6, 2025

Description

An Improper Validation of Integrity Check Value in Zscaler Client Connector on Windows allows an authenticated user to disable ZIA/ZPA by interrupting the service restart from Zscaler Diagnostics. This issue affects Client Connector: before 4.2.0.149.

Solution

zscaler-client-connector-update-latest

References

CVE-2023-28802
https://attackerkb.com/topics/CVE-2023-28802

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today