Temporary Encrypted File Protection Against Unprivileged End User Access and Modification
CVE-2023-41969

7.3HIGH

Key Information:

Vendor

Zscaler

Status
Client Connector
Vendor
CVE Published:
26 March 2024

Badges

💰 Ransomware👾 Exploit Exists📰 News Worthy

What is CVE-2023-41969?

The vulnerability in ZSATrayManager allows for arbitrary file deletion, which compromises the protection mechanisms in place for the temporary encrypted ZApp issue reporting files. This flaw specifically permits unprivileged end users to access and modify these files, posing a risk to data integrity and confidentiality. The issue has been mitigated in ZApp version 4.3.0 and later, which addresses the unauthorized access vector, ensuring that the encrypted files are properly safeguarded from deletion by unauthorized users.

Affected Version(s)

Client Connector Windows 0 < 4.3.0

News Articles

favicon imageThreat Intelligence Radar

Threat Intel Roundup: glibc, Anatsa, iconv, NahamCon – Threat Radar Intelligence

admin May 28, 2024 No Comments Technical Summary Zero-Interaction Local Privilege Escalation in...

favicon imageVulcan Cyber

Fix these critical vulnerabilities in Zscaler Client Connector

Critical vulnerabilities in Zscaler Client Connector allows privilege escalation to NT AUTHORITYSYSTEM. Here's what you need to know.

References

https://help.zscaler.com/client-connector/client-connecto...

CVSS V3.1

Score:
7.3
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • 💰

    Used in Ransomware

  • 👾

    Exploit known to exist

  • 📰

    First article discovered by Vulcan Cyber

  • Vulnerability published

  • Vulnerability Reserved

Credit

Singapore GovTech Red Team
.
CVE-2023-41969 : Temporary Encrypted File Protection Against Unprivileged End User Access and Modification