PT-2022-15674 · Zoom+1 · Zoom Plugin For Microsoft Outlook+4
Published
2022-04-28
·
Updated
2023-08-08
·
CVE-2022-22782
CVSS v3.1
7.9
High
| Vector | AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Zoom Client for Meetings for Windows versions prior to 5.9.7
Zoom Rooms for Conference Room for Windows versions prior to 5.10.0
Zoom Plugins for Microsoft Outlook for Windows versions prior to 5.10.3
Zoom VDI Windows Meeting Clients versions prior to 5.9.6
Description
The issue concerns a local privilege escalation problem during the installer repair operation. A malicious actor could potentially delete system-level files or folders, causing integrity or availability issues on the user's host machine.
Recommendations
For Zoom Client for Meetings for Windows versions prior to 5.9.7, update to version 5.9.7 or later.
For Zoom Rooms for Conference Room for Windows versions prior to 5.10.0, update to version 5.10.0 or later.
For Zoom Plugins for Microsoft Outlook for Windows versions prior to 5.10.3, update to version 5.10.3 or later.
For Zoom VDI Windows Meeting Clients versions prior to 5.9.6, update to version 5.9.6 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Outlook
Zoom Client For Meetings
Zoom Plugin For Microsoft Outlook
Zoom Rooms For Conference Room
Zoom Vdi Windows Meeting Clients