{“lastseen”:””,”description”:”A health check port on Zscaler Client Connector on Windows, versions 4.6 \\u003c 4.6.0.216 and 4.7 \\u003c 4.7.0.47, which under specific circumstances was not released after use, allowed traffic to potentially bypass ZCC forwarding controls.”,”published”:”2025-11-12T03:07:39.531Z”,”modified”:”2025-11-12T03:07:39.531Z”,”type”:”cve”,”title”:”Health check port on ZCC allows tunnel bypass”,”source”:”Zscaler”,”references”:”https:\/\/help.zscaler.com\/zscaler-client-connector\/client-connector-app-release-summary-2025″,”id”:”CVE-2025-54983″,”bulletinFamily”:””,”cwe”:[“CWE-772″],”cvelist”:null,”sourceData”:”Zscaler Zscaler Client Connector 4.6\\nZscaler Zscaler Client Connector 4.7″,”sourceHref”:””,”cvss”:{“score”:5.2,”severity”:”MEDIUM”,”vector”:”CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:C\/C:L\/I:L\/A:N”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:””,”category_name”:”CVE”,”post_link”:””,”product”:”Zscaler Client Connector”,”version”:”4.6″,”vendor”:”Zscaler”,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:””,”description”:”A health check port on Zscaler Client Connector on Windows, versions 4.6 \\u003c 4.6.0.216 and 4.7 \\u003c 4.7.0.47, which under specific circumstances was not released…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,156,12,21,13,7,11,5],"class_list":["post-25937","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-52","tag-exploit","tag-medium","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n