CVE-2021-26736 - OpenCVE

Multiple vulnerabilities in the Zscaler Client Connector Installer and Uninstaller for Windows prior to 3.6 allowed execution of binaries from a low privileged path. A local adversary may be able to execute code with SYSTEM privileges.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Zscaler	Client Connector

Configuration 1 [-]

cpe:2.3:a:zscaler:client_connector:*:*:*:*:*:windows:*:*

References

Link	Resource
https://help.zscaler.com/zscaler-client-connector/client-connector-app-release-summary-2021	Release Notes

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: Zscaler

Published: 2023-10-23T13:21:12.518Z

Updated: 2023-10-23T13:21:19.182Z

Reserved: 2021-02-05T20:34:27.824Z

Link: CVE-2021-26736

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-10-23T14:15:09.063

Modified: 2023-10-27T00:33:29.907

Link: CVE-2021-26736

JSON object: View

Redhat Information

No data.

CWE

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2021-26736", "assignerOrgId": "73c6f63b-efac-410d-a0a9-569700f85a04", "state": "PUBLISHED", "assignerShortName": "Zscaler", "dateReserved": "2021-02-05T20:34:27.824Z", "datePublished": "2023-10-23T13:21:12.518Z", "dateUpdated": "2023-10-23T13:21:19.182Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Windows"], "product": "Client Connector", "vendor": "Zscaler", "versions": [{"lessThan": "3.6", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "LMCO Red Team"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Multiple vulnerabilities in the Zscaler Client Connector Installer and Uninstaller for Windows prior to 3.6 allowed execution of binaries from a low privileged path. A local adversary may be able to execute code with SYSTEM privileges.\n\n<br>"}], "value": "Multiple vulnerabilities in the Zscaler Client Connector Installer and Uninstaller for Windows prior to 3.6 allowed execution of binaries from a low privileged path. A local adversary may be able to execute code with SYSTEM privileges.\n\n\n"}], "impacts": [{"capecId": "CAPEC-234", "descriptions": [{"lang": "en", "value": "CAPEC-234 Hijacking a privileged process"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "73c6f63b-efac-410d-a0a9-569700f85a04", "shortName": "Zscaler", "dateUpdated": "2023-10-23T13:21:19.182Z"}, "references": [{"url": "https://help.zscaler.com/zscaler-client-connector/client-connector-app-release-summary-2021"}], "source": {"discovery": "UNKNOWN"}, "title": "ZApp Installer Privilege Escalation Vulnerabilities", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:zscaler:client_connector:*:*:*:*:*:windows:*:*", "matchCriteriaId": "B3A7E628-F74C-46BC-A5E5-25402F2B90D8", "versionEndExcluding": "3.6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Multiple vulnerabilities in the Zscaler Client Connector Installer and Uninstaller for Windows prior to 3.6 allowed execution of binaries from a low privileged path. A local adversary may be able to execute code with SYSTEM privileges.\n\n\n"}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades en Zscaler Client Connector Installer and Uninstaller para Windows anteriores a 3.6 permit\u00edan la ejecuci\u00f3n de archivos binarios desde una ruta con pocos privilegios. Un adversario local puede ejecutar c\u00f3digo con privilegios de SYSTEM."}], "id": "CVE-2021-26736", "lastModified": "2023-10-27T00:33:29.907", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "cve@zscaler.com", "type": "Secondary"}]}, "published": "2023-10-23T14:15:09.063", "references": [{"source": "cve@zscaler.com", "tags": ["Release Notes"], "url": "https://help.zscaler.com/zscaler-client-connector/client-connector-app-release-summary-2021"}], "sourceIdentifier": "cve@zscaler.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "cve@zscaler.com", "type": "Secondary"}]}