CVE-2023-28806 - OpenCVE

An Improper Validation of signature in Zscaler Client Connector on Windows allows an authenticated user to disable anti-tampering. This issue affects Client Connector on Windows <4.2.0.190.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Zscaler	Client Connector

Configuration 1 [-]

cpe:2.3:a:zscaler:client_connector:*:*:*:*:*:windows:*:*

No data.

References

Link	Providers
https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023?applicable_category=windows&applicable_version=4.2.0.190

History

Tue, 06 Aug 2024 18:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Zscaler Zscaler client Connector
CPEs		cpe:2.3:a:zscaler:client_connector::::::windows::*
Vendors & Products		Zscaler Zscaler client Connector
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Zscaler

Published: 2024-08-06T15:41:01.883Z

Updated: 2024-08-06T17:30:31.651Z

Reserved: 2023-03-23T18:29:15.803Z

Link: CVE-2023-28806

Vulnrichment

Updated: 2024-08-06T17:30:25.819Z

NVD

Status : Analyzed

Published: 2024-08-06T16:15:46.453

Modified: 2024-08-07T21:29:17.760

Link: CVE-2023-28806

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-28806", "assignerOrgId": "73c6f63b-efac-410d-a0a9-569700f85a04", "state": "PUBLISHED", "assignerShortName": "Zscaler", "dateReserved": "2023-03-23T18:29:15.803Z", "datePublished": "2024-08-06T15:41:01.883Z", "dateUpdated": "2024-08-06T17:30:31.651Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Windows"], "product": "Client Connector", "vendor": "Zscaler", "versions": [{"lessThan": "4.2.0.190", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Equinor Red Team"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An Improper Validation of signature in Zscaler Client Connector on Windows allows an authenticated user to disable anti-tampering. This issue affects Client Connector on Windows <4.2.0.190.<br>"}], "value": "An Improper Validation of signature in Zscaler Client Connector on Windows allows an authenticated user to disable anti-tampering. This issue affects Client Connector on Windows <4.2.0.190."}], "impacts": [{"capecId": "CAPEC-207", "descriptions": [{"lang": "en", "value": "CAPEC-207 Removing Important Client Functionality"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-347", "description": "CWE-347 Improper Verification of Cryptographic Signature", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "73c6f63b-efac-410d-a0a9-569700f85a04", "shortName": "Zscaler", "dateUpdated": "2024-08-06T15:41:01.883Z"}, "references": [{"url": "https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023?applicable_category=windows&applicable_version=4.2.0.190"}], "source": {"discovery": "UNKNOWN"}, "title": "Signature validation error in DLL allows disabling anti-tampering protection", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"affected": [{"vendor": "zscaler", "product": "client_connector", "cpes": ["cpe:2.3:a:zscaler:client_connector:*:*:*:*:*:windows:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThan": "4.2.0.190", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-06T17:14:09.944551Z", "id": "CVE-2023-28806", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-06T17:30:31.651Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-28806", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-08-06T17:14:09.944551Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:zscaler:client_connector:*:*:*:*:*:windows:*:*"], "vendor": "zscaler", "product": "client_connector", "versions": [{"status": "affected", "version": "0", "lessThan": "4.2.0.190", "versionType": "custom"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-06T17:30:25.819Z"}}], "cna": {"title": "Signature validation error in DLL allows disabling anti-tampering protection", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Equinor Red Team"}], "impacts": [{"capecId": "CAPEC-207", "descriptions": [{"lang": "en", "value": "CAPEC-207 Removing Important Client Functionality"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Zscaler", "product": "Client Connector", "versions": [{"status": "affected", "version": "0", "lessThan": "4.2.0.190", "versionType": "custom"}], "platforms": ["Windows"], "defaultStatus": "unaffected"}], "references": [{"url": "https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023?applicable_category=windows&applicable_version=4.2.0.190"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "An Improper Validation of signature in Zscaler Client Connector on Windows allows an authenticated user to disable anti-tampering. This issue affects Client Connector on Windows <4.2.0.190.", "supportingMedia": [{"type": "text/html", "value": "An Improper Validation of signature in Zscaler Client Connector on Windows allows an authenticated user to disable anti-tampering. This issue affects Client Connector on Windows <4.2.0.190.<br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-347", "description": "CWE-347 Improper Verification of Cryptographic Signature"}]}], "providerMetadata": {"orgId": "73c6f63b-efac-410d-a0a9-569700f85a04", "shortName": "Zscaler", "dateUpdated": "2024-08-06T15:41:01.883Z"}}}, "cveMetadata": {"cveId": "CVE-2023-28806", "state": "PUBLISHED", "dateUpdated": "2024-08-06T17:30:31.651Z", "dateReserved": "2023-03-23T18:29:15.803Z", "assignerOrgId": "73c6f63b-efac-410d-a0a9-569700f85a04", "datePublished": "2024-08-06T15:41:01.883Z", "assignerShortName": "Zscaler"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:zscaler:client_connector:*:*:*:*:*:windows:*:*", "matchCriteriaId": "260C3474-C82C-4E8A-9C63-FABD53E163BD", "versionEndExcluding": "4.2.0.190", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An Improper Validation of signature in Zscaler Client Connector on Windows allows an authenticated user to disable anti-tampering. This issue affects Client Connector on Windows <4.2.0.190."}, {"lang": "es", "value": "Una validaci\u00f3n incorrecta de la firma en Zscaler Client Connector en Windows permite a un usuario autenticado desactivar la manipulaci\u00f3n. Este problema afecta a Client Connector en Windows <4.2.0.190."}], "id": "CVE-2023-28806", "lastModified": "2024-08-07T21:29:17.760", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 0.5, "impactScore": 5.2, "source": "cve@zscaler.com", "type": "Secondary"}]}, "published": "2024-08-06T16:15:46.453", "references": [{"source": "cve@zscaler.com", "tags": ["Vendor Advisory"], "url": "https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023?applicable_category=windows&applicable_version=4.2.0.190"}], "sourceIdentifier": "cve@zscaler.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-347"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-347"}], "source": "cve@zscaler.com", "type": "Secondary"}]}