CVE-2024-23460 Information

Description

The Zscaler Updater process does not validate the digital signature of the installer before execution allowing arbitrary code to be locally executed. This affects Zscaler Client Connector on MacOS <4.2.

Reference

https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023?applicable_category=macos&applicable_version=4.2