CVE-2023-28793

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Oct 23, 2023

Updated: Oct 27, 2023

CWE ID 787

Summary

CVE-2023-28793 is a buffer overflow vulnerability that affects the signelf library utilized by Zscaler Client Connector on Linux. This issue allows code injection, enabling an attacker to execute arbitrary code on the system. The vulnerability can be exploited if the signelf library receives specially crafted data, potentially leading to serious security implications. The Zscaler Client Connector for Linux versions prior to 1.3.1.6 are susceptible to this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Zscaler Client Connector

Affected Vendors

Zscaler

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tG5SxV
https://www.cve.org/CVERecord?id=CVE-2023-28793
https://nvd.nist.gov/vuln/detail/CVE-2023-28793

Back to Vulnerability Database