How severe is CVE-2024-23460?

CVE-2024-23460 has a CVSS v3 score of 6.4 (MEDIUM).

CVE-2024-23460

Name: client_connector
Author: zscaler

6.4MEDIUM

The Zscaler Updater process does not validate the digital signature of the installer before execution, allowing arbitrary code to be locally executed. This affects Zscaler Client Connector on MacOS <4

Опубликовано: 8/6/2024Обновлено: 8/7/2024

Описание

The Zscaler Updater process does not validate the digital signature of the installer before execution, allowing arbitrary code to be locally executed. This affects Zscaler Client Connector on MacOS <4.2.

ИИ-АнализНа базе ИИ

Затронутые продукты

zscalerclient_connector

Ссылки

https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023?applicable_category=macos&applicable_version=4.2
Vendor Advisory