Privilege Escalation in Zoom Rooms Installer for Windows
CVE-2023-36536

8.2HIGH

Key Information:

Vendor: Zoom Video Communications, Inc.
Status: Zoom Rooms For Windows
Vendor: CVE Published:; 11 July 2023

🔔 Create Zoom Video Communications, Inc. Vulnerability Alert

What is CVE-2023-36536?

An untrusted search path vulnerability exists in the installer of Zoom Rooms for Windows prior to version 5.15.0. This vulnerability allows authenticated users to exploit local access to escalate their privileges, potentially compromising the security of the system. Users should ensure that they are using the latest version of Zoom Rooms to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Zoom Rooms for Windows before 5.15.0

References

https://explore.zoom.us/en/trust/security/security-bulletin/

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Jul 11, 2023
Vulnerability Reserved
Jun 22, 2023

JSON

Zoom Video Communications, Inc.

What is CVE-2023-36536?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.