CVE-2020-11633

CRITICAL

Zscaler Client Connector < 2.1.2.81 - Stack-Based Buffer Overflow via Misconfigured TLS Server Connection

Title source: llm
STIX 2.1

Description

The Zscaler Client Connector for Windows prior to 2.1.2.74 had a stack based buffer overflow when connecting to misconfigured TLS servers. An adversary would potentially have been able to execute arbitrary code with system privileges.

Scores

CVSS v3 9.8
EPSS 0.0189
EPSS Percentile 77.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-787
Status published
Products (1)
zscaler/client_connector < 2.1.2.81
Published Jul 15, 2021
Tracked Since Feb 18, 2026