Improper Privilege Management in Zoom Rooms for macOS
CVE-2023-43591

7.8HIGH

Key Information:

Vendor: Zoom Video Communications, Inc.
Status: Zoom Rooms For Mac OS
Vendor: CVE Published:; 15 November 2023

Summary

An improper privilege management flaw exists in Zoom Rooms for macOS that may enable an authenticated user to escalate privileges after gaining local access. This vulnerability affects all versions prior to 5.16.0, posing potential risks to system integrity and confidentiality. It is crucial for users to update to the latest version to mitigate this risk.

Affected Version(s)

Zoom Rooms for macOS MacOS before 5.16.0

References

https://explore.zoom.us/en/trust/security/security-bulletin/

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 15, 2023
Vulnerability Reserved
Sep 19, 2023