CVE-2024-23463

HIGH Year: 2024
CVSS v3 Score
8.8
High
Weakness Type
CWE-367
View all →

Vulnerability Description

Anti-tampering protection of the Zscaler Client Connector can be bypassed under certain conditions when running the Repair App functionality. This affects Zscaler Client Connector on Windows prior to 4.2.1

Related Vulnerabilities

CVE-2019-19793

HIGH
CVSS:8.8(High)

In Cyxtera AppGate SDP Client 4.1.x through 4.3.x before 4.3.2 on Windows, a local or remote user from the same domain can gain privileges.

CWE-3672019

CVE-2019-9486

HIGH
CVSS:8.8(High)

STRATO HiDrive Desktop Client 5.0.1.0 for Windows suffers from a SYSTEM privilege escalation vulnerability through the HiDriveMaintenanceService service. This service establishes a NetNamedPipe endpoi...

CWE-3672019

CVE-2024-24993

HIGH
CVSS:8.8(High)

A Race Condition (TOCTOU) vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM.

CWE-3672024

CVE-2024-24995

HIGH
CVSS:8.8(High)

A Race Condition (TOCTOU) vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM.

CWE-3672024

CVE-2025-30663

HIGH
CVSS:8.8(High)

Time-of-check time-of-use race condition in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via local access.

CWE-3672025