CVE-2025-54983

Summary

A health check port on Zscaler Client Connector on Windows, versions 4.6 < 4.6.0.216 and 4.7 < 4.7.0.47, which under specific circumstances was not released after use, allowed traffic to potentially bypass ZCC forwarding controls.

Affected Software

VendorProductVersion RangeStatus
ZscalerZscaler Client Connector4.6 < 4.6.0.216affected
ZscalerZscaler Client Connector4.7 < 4.7.0.47affected

Weaknesses

  • CWE-772: CWE-772 Missing Release of Resource after Effective Lifetime

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References