Zoom Client Installer Local Privilege Escalation
CVE-2021-34409

7.8HIGH

Key Information:

Vendor: Zoom
Status: Zoom Client For Meetings For Mac OS (standard And For It Admin); Zoom Client Plugin For Sharing Iphone/ipad; Zoom Rooms For Conference
Vendor: CVE Published:; 27 September 2021

What is CVE-2021-34409?

It was discovered that the installation packages of the Zoom Client for Meetings for MacOS (Standard and for IT Admin) installation before version 5.2.0, Zoom Client Plugin for Sharing iPhone/iPad before version 5.2.0, and Zoom Rooms for Conference before version 5.1.0, copy pre- and post- installation shell scripts to a user-writable directory. In the affected products listed below, a malicious actor with local access to a user's machine could use this flaw to potentially run arbitrary system commands in a higher privileged context during the installation process.

Affected Version(s)

Zoom Client for Meetings for MacOS (Standard and for IT Admin) < 5.2.0

Zoom Client Plugin for Sharing iPhone/iPad < 5.2.0

Zoom Rooms for Conference < 5.1.0

References

https://explore.zoom.us/en/trust/security/security-bulletin

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 27, 2021
Vulnerability Reserved
Jun 9, 2021

Credit

Lockheed Martin Red Team