CVE-2022-36929

Name of the Vulnerable Software and Affected Versions Zoom Rooms Installer for Windows versions prior to 5.12.6

Description The issue is related to a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability during the install process to escalate their privileges to the SYSTEM user. The vulnerability is also described in relation to errors in synchronization when using a shared resource, which could allow an attacker to execute arbitrary code with system privileges.

Recommendations For Zoom Rooms Installer for Windows versions prior to 5.12.6, update to version 5.12.6 or later to resolve the issue. As a temporary workaround, consider restricting the installation process to prevent low-privileged users from exploiting the vulnerability until a patch is applied.