Incorrect startup configuration in ZCC

Description

An incorrect startup configuration of affected versions of Zscaler Client Connector on Windows may cause a limited amount of traffic from being inspected under rare circumstances.

Affected Products

Vendor	Product	Versions
zscaler	zscaler client connector	4.7, 4.8

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor	Product	Source	Confidence
zscaler	client connector	cert_advisory	90%

References

https://help.zscaler.com/zscaler-client-connector/client-connector-app-release-summary-2025

Related News (2 articles)

Tier B

BSI Advisories4h ago

[NEU] [mittel] ZScaler Client Connector: Schwachstelle ermöglicht Manipulation von Daten

→ No new info (linked only)

Tier C

VulDB22h ago

CVE-2026-22569 | Zscaler Client Connector prior 4.7.0.141/4.8.0.63 on Windows Startup Configuration improper validation of unsafe equivalence in input

→ No new info (linked only)

CVSS 3.15.4 MEDIUM

VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

4.7.0.1414.8.0.63

CWECWE-1289

PublishedMar 31, 2026

Last enriched22h agov2

Trending Score53

Source articles2

Independent2

Info Completeness9/14

Missing: epss, kev, exploit, iocs, mitre_attack

Community Vote

Version History

Last enriched 22h ago

v2Tier C22h ago

Updated severity to CRITICAL, changed exploit availability to false, and provided a more detailed description of the vulnerability.

descriptionseverityactivelyExploited

via VulDB

v123h ago

Initial creation

Incorrect startup configuration in ZCC

Description

Affected Products

Also Affects

References

Related News (2 articles)

Community Vote

Related CVEs (2)

Pin to Dashboard

Verification

Vulnerability Timeline

Version History