Privilege Escalation in Zoom Rooms for Windows by Zoom
CVE-2023-34118

7.3HIGH

Key Information:

Vendor: Zoom Video Communications, Inc.
Status: Zoom Rooms For Windows
Vendor: CVE Published:; 11 July 2023

🔔 Create Zoom Video Communications, Inc. Vulnerability Alert

What is CVE-2023-34118?

The vulnerability in Zoom Rooms for Windows arises from improper privilege management. Authenticated users with local access can exploit this flaw to escalate privileges, potentially compromising the security of the system. It is crucial for users to update to version 5.14.5 or later to mitigate this issue. For more information, please refer to the security bulletin from Zoom.

Affected Version(s)

Zoom Rooms for Windows before 5.14.5

References

https://explore.zoom.us/en/trust/security/security-bulletin/

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 11, 2023
Vulnerability Reserved
May 25, 2023