PT-2021-20518 · Zoom · Zoom Plugin For Microsoft Outlook

Published

2021-09-27

Updated

2022-07-12

CVE-2021-34410

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Zoom Plugin for Microsoft Outlook for Mac versions prior to 5.0.25611.0521

Description: A user-writable application bundle unpacked during the install allows for privilege escalation to root. This issue affects all versions of the Zoom Plugin for Microsoft Outlook for Mac before the specified fixed version.

Recommendations: For versions prior to 5.0.25611.0521, update to version 5.0.25611.0521 or later to resolve the issue. As a temporary workaround, consider restricting access to the application bundle to minimize the risk of exploitation.

Fix

Incorrect Permission

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-732

Related Identifiers

CVE-2021-34410

Affected Products

Zoom Plugin For Microsoft Outlook

PT-2021-20518 · Zoom · Zoom Plugin For Microsoft Outlook

CVE-2021-34410

Weakness Enumeration

Related Identifiers

Affected Products

References · 7