Local Privilege Escalation in the Zoom Rooms for Windows Client

CVE-2022-28752

8.8HIGH

Key Information

Vendor
Zoom
Status
Zoom Room For Conference Room For Windows
Vendor
CVE Published:
17 August 2022

Summary

Zoom Rooms for Conference Rooms for Windows versions before 5.11.0 are susceptible to a Local Privilege Escalation vulnerability. A local low-privileged malicious user could exploit this vulnerability to escalate their privileges to the SYSTEM user.

Affected Version(s)

Zoom Room for Conference Room for Windows < 5.11.0

Refferences

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database

Credit

sim0nsecurity
.