Description
An incorrect startup configuration of affected versions of Zscaler Client Connector on Windows may cause a limited amount of traffic from being inspected under rare circumstances.
Published: 2026-03-31
Score: 5.4 Medium
EPSS: n/a
KEV: No
Impact: Partial traffic inspection bypass leading to potential data leakage
Action: Update
AI Analysis

Impact

Configuration error in Zscaler Client Connector on Windows allows a small portion of outbound traffic to bypass the inspection engine. Because the client starts with an incorrect startup profile, traffic destined for protected resources can evade the policy rules that normally enforce encryption, filtering or blocking. The flaw reduces the confidentiality protection the product promises without compromising the host or enabling arbitrary code execution.

Affected Systems

Any Windows deployment of Zscaler Client Connector that has not applied the latest configuration update. The advisory does not list specific version ranges, so all releases prior to the recent release summary are potentially affected.

Risk and Exploitability

The CVSS score of 5.4 denotes moderate severity. Exploit likelihood is unknown as EPSS data is not available, and the vulnerability is not present in the CISA KEV catalog. The attack requires the client to start with the faulty configuration, which is likely to occur during a normal user login or startup sequence. Once the traffic bypasses the engine, an attacker only gains the ability to exfiltrate data that would otherwise be inspected, but not full system compromise.

Generated by OpenCVE AI on March 31, 2026 at 16:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install the latest Zscaler Client Connector release; refer to the 2025 release summary for guidance.
  • Verify the startup configuration to ensure all traffic is forced through the inspection engine. Remove or disable any legacy or custom profiles that introduce the error.
  • Monitor network traffic for unexpected uninspected flows and audit client settings regularly.
  • Keep internal documentation up to date so future deployments use the corrected profile.

Generated by OpenCVE AI on March 31, 2026 at 16:50 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 31 Mar 2026 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 31 Mar 2026 15:30:00 +0000

Type Values Removed Values Added
Description An incorrect startup configuration of affected versions of Zscaler Client Connector on Windows may cause a limited amount of traffic from being inspected under rare circumstances.
Title Incorrect startup configuration in ZCC
Weaknesses CWE-1289
References
Metrics cvssV3_1

{'score': 5.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: Zscaler

Published:

Updated: 2026-03-31T17:24:13.723Z

Reserved: 2026-01-07T15:52:48.033Z

Link: CVE-2026-22569

cve-icon Vulnrichment

Updated: 2026-03-31T17:24:07.836Z

cve-icon NVD

Status : Received

Published: 2026-03-31T16:16:28.993

Modified: 2026-03-31T16:16:28.993

Link: CVE-2026-22569

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-31T19:54:17Z

Weaknesses