CVE-2024-23464
CVSS 3.1 Score 4.9 of 10 (medium)
Details
Summary
CVE-2024-23464 is a vulnerability affecting Zscaler Internet Access (ZIA) on Windows versions of the Zscaler Client Connector below 4.2.1. With admin rights, an attacker can exploit this issue by employing PowerShell commands to disable ZIA, potentially compromising the security of the network and exposing users to various online threats. This vulnerability can lead to bypassing the ZIA security features, rendering the organization's internet traffic vulnerable to unauthorized access and data breaches. To mitigate this risk, it is highly recommended that organizations update their Zscaler Client Connector to the latest version as soon as possible.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Zscaler Client Connector
Affected Vendors
- Zscaler