TrayManager Passes Config Parameter to Previous Installer Name
CVE-2023-41973
Key Information:
- Vendor: Zscaler
- Status: Vendor
- CVE Published: 26 March 2024
What is CVE-2023-41973?
CVE-2023-41973 is one of three vulnerabilities in Zscaler Client Connector for Windows that, chained together, give a zero-interaction local privilege escalation to NT AUTHORITY\SYSTEM. Zscaler Client Connector is the desktop agent that establishes the tunnels to Zscaler's network services. The chain involves missing input sanitization in the Client Connector (as the title records, the TrayManager component passes a configuration parameter to a previously used installer name), which lets an unprivileged local user get arbitrary code executed, together with weaknesses in the authentication of some of its privileged functions that allow the password check to be bypassed. Zscaler fixed the issues in Client Connector versions 4.2.0.209 and 4.3.0.121. Because the attack needs only a local foothold and no user interaction, any code running as a standard user on an affected host (a phished user's session, a compromised service account) can escalate to full control of the machine; a public write-up and a working exploit exist.
Affected Version(s)
Client Connector for Windows: all versions before 4.3.0.121 (the 4.2 branch is fixed in 4.2.0.209)
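An added example, not part of the advisory and not Zscaler's code: a PowerShell check that reads the installed Client Connector version from the Windows uninstall registry entries and compares it, per release branch, against the fixed builds named above. It assumes the product's uninstall entry has a DisplayName containing "Zscaler" and a DisplayVersion carrying the client version; both names are assumptions, as is the choice to treat any branch older than 4.2 as affected.

```powershell
# Added example, not Zscaler's code. Reports whether an installed Zscaler
# Client Connector build is older than the fixed versions in the advisory for
# CVE-2023-41973: 4.2.0.209 (4.2 branch) and 4.3.0.121 (4.3 branch).

# Fixed builds per release branch, taken from the advisory text.
$FixedVersions = @{
    '4.2' = [version]'4.2.0.209'
    '4.3' = [version]'4.3.0.121'
}

function Get-ZccInstalledVersion {
    # Assumption: the client registers an uninstall entry whose DisplayName
    # contains "Zscaler"; adjust the pattern to match your deployment.
    $uninstallKeys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )
    Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like '*Zscaler*' -and $_.DisplayVersion } |
        ForEach-Object {
            # Skip entries whose DisplayVersion is not a dotted numeric version.
            $parsed = $null
            if ([version]::TryParse($_.DisplayVersion, [ref]$parsed)) {
                [pscustomobject]@{ Name = $_.DisplayName; Version = $parsed }
            }
        }
}

function Test-ZccVulnerable {
    param([Parameter(Mandatory)][version]$Installed)
    $branch = '{0}.{1}' -f $Installed.Major, $Installed.Minor
    if ($FixedVersions.ContainsKey($branch)) {
        # Same branch as a listed fix: affected only if older than that fix.
        return $Installed -lt $FixedVersions[$branch]
    }
    # No fix listed for this branch (assumption): anything older than 4.2
    # predates both fixes and is treated as affected; anything newer than 4.3
    # postdates them and is treated as fixed.
    return $Installed -lt [version]'4.2'
}

# Usage: run on the host being checked; reading HKLM uninstall keys needs no elevation.
foreach ($entry in Get-ZccInstalledVersion) {
    $state = if (Test-ZccVulnerable -Installed $entry.Version) { 'AFFECTED' } else { 'fixed' }
    '{0} {1}: {2}' -f $entry.Name, $entry.Version, $state
}
```

Test-ZccVulnerable compares System.Version objects rather than strings, so 4.2.0.1000 correctly sorts above 4.2.0.209; string comparison would get that wrong. If your fleet inventory already exports DisplayVersion, the same function can be fed those values offline.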
News Articles
Fix these critical vulnerabilities in Zscaler Client Connector
Critical vulnerabilities in Zscaler Client Connector allow privilege escalation to NT AUTHORITY\SYSTEM. Here's what you need to know.
Zscaler Client Connector Zero-interaction Privilege Escalation Vulnerability
A new privilege escalation vulnerability has been discovered in Zscaler Client Connector which involves combining three different

Cache Me If You Can: Local Privilege Escalation in Zscaler Client Connector (CVE-2023-41973)
A couple months ago, my colleague Winston Ho and I chained a series of unfortunate bugs into a zero-interaction local privilege escalation in Zscaler Client Connector. This was an interesting journey into Windows RPC caller validation and bypassing several checks, including Authenticode verification...
References
CVSS V3.1
Timeline (most recent first)
- Exploit known to exist
- First article discovered by spaceraccoon.dev
- Vulnerability published
- Vulnerability reserved