Zscaler Internet Access Vulnerability: Disable via PowerShell with Admin Rights
CVE-2024-23464

4.9MEDIUM

Key Information:

Vendor: Zscaler
Status: Client Connector
Vendor: CVE Published:; 6 August 2024

What is CVE-2024-23464?

In certain cases, Zscaler Internet Access (ZIA) can be disabled by PowerShell commands with admin rights. This affects Zscaler Client Connector on Windows <4.2.1

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Client Connector Windows 0 < 4.2.1

References

https://help.zscaler.com/client-connector/client-connecto...

CVSS V3.1

Score:

4.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 6, 2024
Vulnerability Reserved
Jan 17, 2024

Credit

Randstad N.V. Red Team

JSON

Zscaler

What is CVE-2024-23464?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.